Microsoft Visual Basic For Applications Document Handling Buffer Overrun Vulnerability

Microsoft Visual Basic For Applications Document Handling Buffer Overrun Vulnerability

A vulnerability has been discovered in Microsoft Visual Basic for Applications. The vulnerability occurs because the software fails to perform sufficient boundary checks when parsing specific properties of malformed documents. As a result, a malformed document may trigger a buffer overrun within the affected application, effectively allowing arbitrary code to run.

Internet Explorer is also reportedly an attack vector, since it may call helper applications when handling certain document types.