Microsoft Visual Basic — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Visual Basic, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (19)
CVE-2003-0347 — CVSS 10.0 (critical): Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote…
CVE-2006-4732 — CVSS 10.0 (critical): Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unknown impact ("overflow") via a project that contains a certain Click…
CVE-2007-0065 — CVSS 10.0 (critical): Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2…
CVE-2008-3704 — CVSS 9.3 (critical): Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in…
CVE-2007-2224 — CVSS 9.3 (critical): Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac…
CVE-2007-2884 — CVSS 9.3 (critical): Multiple stack-based buffer overflows in Microsoft Visual Basic 6 allow user-assisted remote attackers to cause a denial of service (CPU…
CVE-2008-0392 — CVSS 9.3 (critical): Multiple buffer overflows in Microsoft Visual Basic Enterprise Edition 6.0 SP6 allow user-assisted remote attackers to execute arbitrary…
CVE-2007-4776 — CVSS 9.3 (critical): Buffer overflow in Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6 allows user-assisted remote attackers to execute arbitrary…
CVE-2008-4255 — CVSS 9.3 (critical): Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual…
CVE-2004-0200 — CVSS 9.3 (critical): Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows…
CVE-2008-4256 — CVSS 8.5 (high): The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1…
CVE-2008-4253 — CVSS 8.5 (high): The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and…
CVE-2008-4254 — CVSS 8.5 (high): Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0…
CVE-2008-4252 — CVSS 8.5 (high): The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors…
CVE-2001-0153 — CVSS 7.5 (high): Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute…
CVE-2006-3649 — CVSS 5.1 (medium): Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3…
CVE-1999-0384 — CVSS 4.6 (medium): The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the…