Summary
Microsoft Access Snapshot in Microsoft Office Access is prone to ActiveX control vulnerabilities.
Impact
Exploitation involves convincing the victim to view an HTML document (eg., web page, HTML email, or email attachment). When a user views the web page, the vulnerability could allow remove code execution.
Impact Level : System
Solution
Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link.
http://www.microsoft.com/technet/security/bulletin/ms08-041.mspx
Insight
Overview: Microsoft Access Snapshot in Microsoft Office Access is prone to ActiveX control vulnerabilities.
The ActiveX control for viewing a snapshot of Microsoft Access report. A specially crafted Web site, when visited can inject arbitrary code because of a vulnerability in the ActiveX control.
Affected
MS Access Snapshot (with/without) MS Office Access (2000/2002/2003) - Windows (All).
References
Severity
Classification
-
CVE CVE-2008-2463 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Microsoft RDP Server Private Key Information Disclosure Vulnerability
- Adobe AIR JavaScript Code Execution Vulnerability
- Microsoft SharePoint '_layouts/help.aspx' Cross Site Scripting Vulnerability
- Microsoft .NET 'ASP.NET' Cross-Site Scripting vulnerability
- Opera remote location object cross-domain scripting vulnerability