MS03-037: Visual Basic for Application Overflow (822715)

High Nessus Plugin ID 11832


Arbitrary code can be executed on the remote host through VBA.


The remote host is running a version of Microsoft Visual Basic for Applications that is vulnerable to a buffer overflow when handling malformed documents.

An attacker may exploit this flaw to execute arbitrary code on this host by sending a malformed file to a user of the remote host.


Microsoft has released a set of patches for Office.

See Also

Plugin Details

Severity: High

ID: 11832

File Name: smb_nt_ms03-037.nasl

Version: $Revision: 1.43 $

Type: local

Agent: windows

Published: 2003/09/04

Modified: 2017/05/25

Dependencies: 10394, 10150, 10400, 57033

Risk Information

Risk Factor: High


Base Score: 7.6

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:microsoft:visual_basic, cpe:/a:microsoft:visual_basic_software_development_kit

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2003/09/03

Vulnerability Publication Date: 2003/05/28

Reference Information

CVE: CVE-2003-0347

BID: 8534

OSVDB: 12652

MSFT: MS03-037

CERT: 804780

MSKB: 822715