What is the severity of CVE-2010-0815?

CVE-2010-0815 has a critical severity level as it allows remote execution of arbitrary code.

How do I fix CVE-2010-0815?

To mitigate CVE-2010-0815, users should apply the appropriate updates provided by Microsoft for their affected software.

Which software versions are affected by CVE-2010-0815?

CVE-2010-0815 affects Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP1 and SP2, along with Visual Basic for Applications 6.3 to 6.5.

What type of vulnerability is CVE-2010-0815?

CVE-2010-0815 is classified as a remote code execution vulnerability due to improper handling of ActiveX controls.

Can I be attacked through documents due to CVE-2010-0815?

Yes, attackers can exploit CVE-2010-0815 by embedding malicious ActiveX controls in documents, leading to potential remote code execution.

Vulnerability/
CVE-2010-0815

critical

9.3

CWE

12/5/2010

7/8/2024

CVE-2010-0815: Code Injection

First published: Wed May 12 2010(Updated: )

VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "VBE6.DLL Stack Memory Corruption Vulnerability."

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Visual Basic SDK	=6.3
Microsoft Visual Basic SDK	=6.4
Microsoft Visual Basic for Applications
Microsoft Visual Basic SDK	=6.5
Microsoft Office	=xp-sp3
Microsoft Office	=2007-sp2
Microsoft Office	=2007-sp1
Microsoft Office	=2003-sp3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-0815?
CVE-2010-0815 has a critical severity level as it allows remote execution of arbitrary code.
How do I fix CVE-2010-0815?
To mitigate CVE-2010-0815, users should apply the appropriate updates provided by Microsoft for their affected software.
Which software versions are affected by CVE-2010-0815?
CVE-2010-0815 affects Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP1 and SP2, along with Visual Basic for Applications 6.3 to 6.5.
What type of vulnerability is CVE-2010-0815?
CVE-2010-0815 is classified as a remote code execution vulnerability due to improper handling of ActiveX controls.
Can I be attacked through documents due to CVE-2010-0815?
Yes, attackers can exploit CVE-2010-0815 by embedding malicious ActiveX controls in documents, leading to potential remote code execution.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/references
agent/weakness
agent/last-modified-date
agent/author
agent/event
agent/description
agent/first-publish-date
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/microsoft
canonical/microsoft visual basic sdk
version/microsoft visual basic sdk/6.3
version/microsoft visual basic sdk/6.4
canonical/microsoft visual basic for applications
version/microsoft visual basic sdk/6.5
canonical/microsoft office
version/microsoft office/xp-sp3
version/microsoft office/2007-sp2
version/microsoft office/2007-sp1
version/microsoft office/2003-sp3

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.