Vulnerability CVE-2010-0815 - CERT Civis.Net

Vulnerability Name:

CVE-2010-0815 (CCN-58170)

Assigned:

2010-05-11

Published:

2010-05-11

Updated:

2018-10-12

Summary:

VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "VBE6.DLL Stack Memory Corruption Vulnerability."

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2010-0815

Source: CCN
Type: SA39663
Visual Basic for Applications Single-Byte Stack Overwrite Vulnerability

Source: CCN
Type: SA43807
CATIA V5 Visual Basic for Applications Single-Byte Stack Overwrite Vulnerability

Source: CCN
Type: Microsoft Security Bulletin MS12-046
Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707960)

Source: CCN
Type: Microsoft Security Bulletin MS13-074
Vulnerabilities in Microsoft Access Could Allow Remote Code Execution (2848637)

Source: CCN
Type: Microsoft Security Bulletin MS15-081
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3080790)

Source: CCN
Type: Microsoft Security Bulletin MS15-099
Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3089664)

Source: CCN
Type: Microsoft Security Bulletin MS15-110
Security Updates for Microsoft Office (3096440)

Source: CCN
Type: Microsoft Security Bulletin MS15-116
Security Updates for Microsoft Office to Address Remote Code Execution (3104540)

Source: CCN
Type: Microsoft Security Bulletin MS15-131
Security Update for Microsoft Office to Address Remote Code Execution (3116111)

Source: CCN
Type: Microsoft Security Bulletin MS16-004
Security Update for Microsoft Office to Address Remote Code Execution - Critical (3124585)

Source: CCN
Type: Microsoft Security Bulletin MS16-015
Security Update for Microsoft Office to Address Remote Code Execution (3134226)

Source: CCN
Type: Microsoft Security Bulletin MS16-029
Security Update for Microsoft Office to Address Remote Code Execution (3141806)

Source: CCN
Type: Microsoft Security Bulletin MS16-042
Security Update for Microsoft Office (3148775)

Source: CCN
Type: Microsoft Security Bulletin MS16-054
Security Update for Microsoft Office (3155544)

Source: CCN
Type: Microsoft Security Bulletin MS16-070
Security Update for Office (3163610)

Source: CCN
Type: Microsoft Security Bulletin MS16-088
Security Updates for Office (3170008)

Source: CCN
Type: Microsoft Security Bulletin MS16-099
Security Update for Office (3177451)

Source: CCN
Type: Microsoft Security Bulletin MS16-107
Security Update for Microsoft Office (3185852)

Source: CCN
Type: Microsoft Security Bulletin MS16-121
Security Update for Microsoft Office (3194063)

Source: CCN
Type: Microsoft Security Bulletin MS16-133
Security Update for Microsoft Office (3199168)

Source: CCN
Type: Microsoft Security Bulletin MS16-148
Security Update for Microsoft Office (3204068)

Source: CCN
Type: Microsoft Security Bulletin MS17-002
Security Update for Microsoft Office (3214291)

Source: CCN
Type: Microsoft Security Bulletin MS17-013
Security Update for Microsoft Graphics Component (4013075)

Source: CCN
Type: Microsoft Security Bulletin MS17-014
Security Update for Microsoft Office (4013241)

Source: CCN
Type: IBM APAR HE02859
OM : MICROSOFT OFFICE VULNERABILITIES DETECTED WITH VBA CODE INS TALLED WITH CATIA CODE

Source: CCN
Type: Microsoft Security Bulletin MS10-031
Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (978213)

Source: CCN
Type: BID-39931
Microsoft Visual Basic for Applications Text Parsing Stack Buffer Overflow Vulnerability

Source: CERT
Type: US Government Resource
TA10-131A

Source: MS
Type: UNKNOWN
MS10-031

Source: XF
Type: UNKNOWN
ms-vba-activex-bo(58170)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:7074

Vulnerable Configuration:

Configuration 1:

cpe:/a:microsoft:visual_basic_for_applications:*:*:*:*:*:*:*:*

OR cpe:/a:microsoft:visual_basic_sdk:6.3:*:*:*:*:*:*:*

OR cpe:/a:microsoft:visual_basic_sdk:6.4:*:*:*:*:*:*:*

OR cpe:/a:microsoft:visual_basic_sdk:6.5:*:*:*:*:*:*:*

Configuration 2:

cpe:/a:microsoft:office:2003:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2007:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2007:sp2:*:*:*:*:*:*

OR cpe:/a:microsoft:office:xp:sp3:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:microsoft:visual_basic_for_applications:*:*:*:*:*:*:*:*

AND

cpe:/a:microsoft:office:xp:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2003:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2007:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:office:2007:sp2:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:7074	V	VBE6.DLL Stack Memory Corruption Vulnerability	2014-05-26