PT-2007-5916 · Microsoft · Visual Basic 6.0+1

Shinnai · Published 2007-09-10 · Updated 2017-09-29 · CVE-2007-4776

CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6
Description: A buffer overflow can be triggered by a Visual Basic project (.vbp) file with a long Reference line. This can potentially allow remote attackers to execute arbitrary code, although it is noted that there are limited usage scenarios under which this would be a vulnerability. The issue is related to the VBP Open and OLE functions.
Recommendations: For Microsoft Visual Basic 6.0 and Enterprise Edition 6.0 SP6, consider avoiding the use of long Reference lines in Visual Basic project files until a fix is available. As a temporary workaround, restrict the handling of vbp files to minimize the risk of exploitation.
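
A triage check in line with the workaround above, as an added example that is not part of the original advisory: it flags Reference lines in .vbp text that exceed a review threshold before the project is opened. The 260-character limit, the function names and the sample project text are assumptions of this example; the advisory does not state the length at which the overflow occurs.

```python
"""Flag overlong Reference lines in Visual Basic project (.vbp) files."""
import sys

# Assumption: a review threshold picked for this example. It is NOT the
# overflow boundary, which the advisory does not give.
MAX_REFERENCE_LEN = 260


def scan_vbp(text, limit=MAX_REFERENCE_LEN):
    """Return one finding per Reference= line whose value exceeds limit."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        key, sep, value = raw.strip().partition("=")
        if not sep or key.strip().lower() != "reference":
            continue
        if len(value) > limit:
            # Reference values are '#'-separated; report the longest field
            # so the reviewer sees where the bulk of the line sits.
            fields = value.split("#")
            longest = max(range(len(fields)), key=lambda i: len(fields[i]))
            findings.append({
                "line": lineno,
                "length": len(value),
                "longest_field": longest,
                "longest_field_length": len(fields[longest]),
            })
    return findings


def scan_file(path, limit=MAX_REFERENCE_LEN):
    # latin-1 decodes every byte, so a malformed file cannot abort the scan.
    with open(path, "r", encoding="latin-1", newline="") as fh:
        return scan_vbp(fh.read(), limit)


# Constructed sample project text (not taken from the advisory).
SAMPLE_OK = (
    "Type=Exe\r\n"
    "Reference=*\\G{00020430-0000-0000-C000-000000000046}#2.0#0#stdole2.tlb#OLE Automation\r\n"
    "Form=Form1.frm\r\n"
)
SAMPLE_LONG = ("Type=Exe\r\nReference=*\\G{CONSTRUCTED}#1.0#0#"
               + "x" * 600 + "#Sample\r\nForm=Form1.frm\r\n")

if __name__ == "__main__":
    for path in sys.argv[1:]:
        for f in scan_file(path):
            print(f"{path}:{f['line']}: Reference line is {f['length']} chars")
```

Run it over a directory of untrusted projects and review any flagged file in a text editor rather than in the Visual Basic IDE.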

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2007-4776

Affected Products

Visual Basic 6.0
Visual Basic 6.0 Enterprise Edition