virus logo Intrusion Prevention

VBE.Document.Property.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer overflow vulnerability in VBE.DLL and VBE6.DLL, which are part of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3.
A heap-based buffer overflow vulnerability could allow a remote attacker to execute arbitrary code via a document with a long ID parameter.

affected-products-logoAffected Products

Microsoft Corporation: Microsoft Access 2000
Microsoft Corporation: Microsoft Access 2002
Microsoft Corporation: Microsoft Access 97
Microsoft Corporation: Microsoft Business Solution Dynamics 6.0
Microsoft Corporation: Microsoft Business Solutions Dynamic 7.0
Microsoft Corporation: Microsoft Business Solutions eEnterprise 6.0
Microsoft Corporation: Microsoft Business Solutions eEnterprise 7.0
Microsoft Corporation: Microsoft Business Solutions Great Plain 7.5
Microsoft Corporation: Microsoft Business Solutions Solomon 4.5
Microsoft Corporation: Microsoft Business Solutions Solomon 5.0
Microsoft Corporation: Microsoft Business Solutions Solomon 5.5
Microsoft Corporation: Microsoft Excel 2000
Microsoft Corporation: Microsoft Excel 2002
Microsoft Corporation: Microsoft Excel 97
Microsoft Corporation: Microsoft PowerPoint 2000
Microsoft Corporation: Microsoft PowerPoint 2002
Microsoft Corporation: Microsoft PowerPoint 97
Microsoft Corporation: Microsoft Project 2000
Microsoft Corporation: Microsoft Project 2002
Microsoft Corporation: Microsoft Publisher 2002
Microsoft Corporation: Microsoft Visio 2000
Microsoft Corporation: Microsoft Visio 2002
Microsoft Corporation: Microsoft Visual Basic 5.0 Any version
Microsoft Corporation: Microsoft Visual Basic 6.0 Any version
Microsoft Corporation: Microsoft Visual Basic 6.2 Any version
Microsoft Corporation: Microsoft Visual Basic 6.3 Any version
Microsoft Corporation: Microsoft Word 2000
Microsoft Corporation: Microsoft Word 2002
Microsoft Corporation: Microsoft Word 97
Microsoft Corporation: Microsoft Word 98 (Japanese)
Microsoft Corporation: Microsoft Works Suite 2001
Microsoft Corporation: Microsoft Works Suite 2002
Microsoft Corporation: Microsoft Works Suite 2003

Impact logoImpact

System compromise.

recomended-action-logoRecommended Actions

Apply the patch available from the following web site:
http://www.microsoft.com/technet/security/bulletin/ms03-037.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 14449
Created Apr 05, 2007
Updated Mar 11, 2022
Risk black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
CVE ID CVE-2003-0347
Exploit Prediction Score 94.69%
Default Action drop
Active
Affected OS Windows
Affected App Other