Windows Vulnerability In Microsoft Jet Database Engine Network Vulnerability

Summary

The remote host is probably affected by the vulnerability described in CVE-2007-6026 Impact Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.

Solution

All Users should upgrade to the latest version.

References

http://securitytracker.com/alerts/2007/Nov/1018976.html
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6026
http://www.microsoft.com/technet/security/bulletin/ms08-028.mspx
http://www.us-cert.gov/cas/techalerts/TA08-134A.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2007-6026

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Microsoft Expression Design Remote Code Execution Vulnerability (2651018)
Microsoft .NET Framework Authentication Bypass and Spoofing Vulnerabilities (2836440)
Cumulative Security Update for Internet Explorer (937143)
Microsoft Foundation Class (MFC) Library Remote Code Execution Vulnerability (2500212)
Microsoft DirectShow Remote Code Execution Vulnerability (977935)

Windows Vulnerability in Microsoft Jet Database Engine

Take action and discover your vulnerabilities