Security Guide for Windows

Part of the WinGuides Network

Security information, resources and support to secure Windows systems and networks.

[Advanced Search]

Already a member? Sign in Not a member? Register

New
Category: Home > General Software > Microsoft Office

A buffer overrun exists in the Microsoft Visual Basic for Applications SDK which is included with a large number of Microsoft products. If exploited successfully it could allow an attacker to execute code of their choice in the context of the logged on user.

Issue
Microsoft VBA is a development technology for developing client desktop packaged applications and integrating them with existing data and systems. Microsoft VBA is based on the Microsoft Visual Basic development system. Microsoft Office products include VBA and make use of VBA to perform certain functions. VBA can also be used to build customized applications based around an existing host application.

A flaw exists in the way VBA checks document properties passed to it when a document is opened by the host application. A buffer overrun exists which if exploited successfully could allow an attacker to execute code of their choice in the context of the logged on user.

In order for an attack to be successful, a user would have to open a specially crafted document sent to them by an attacker. This document could be any type of document that supports VBA, such as a Word document, Excel spreadsheet, PowerPoint presentation. In the case where Microsoft Word is being used as the HTML e-mail editor for Microsoft Outlook, this document could be an e-mail, however the user would need to reply to, or forward the mail message in order for the vulnerability to be exploited.

Affected Products

Microsoft Access 97

Microsoft Access 2000

Microsoft Access 2002

Microsoft Excel 97

Microsoft Excel 2000

Microsoft Excel 2002

Microsoft PowerPoint 97

Microsoft PowerPoint 2000

Microsoft PowerPoint 2002

Microsoft Project 2000

Microsoft Project 2002