Windows Vulnerability In Microsoft Jet Database Engine Network Vulnerability

Summary

The remote host is probably affected by the vulnerability described in CVE-2007-6026 Impact Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.

Solution

All Users should upgrade to the latest version.

References

http://securitytracker.com/alerts/2007/Nov/1018976.html
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6026
http://www.microsoft.com/technet/security/bulletin/ms08-028.mspx
http://www.us-cert.gov/cas/techalerts/TA08-134A.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-6026
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Cumulative Security Update for Internet Explorer (972260)
Message Queuing Remote Code Execution Vulnerability (951071)
Microsoft .NET Common Language Runtime Code Execution Vulnerability (974378)
Microsoft .NET Framework Remote Code Execution Vulnerabilities (2878890)
Microsoft DirectShow Remote Code Execution Vulnerability (2929961)

Windows Vulnerability in Microsoft Jet Database Engine

Take action and discover your vulnerabilities