Back to search
CVE-2007-6026
Published: Nov 20, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://dvlabs.tippingpoint.com/advisory/TPTI-08-04
x_refsource_MISC
VU#936529
third-party-advisory
x_refsource_CERT-VN
20071116 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
mailing-list
x_refsource_BUGTRAQ
20071118 Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
mailing-list
x_refsource_BUGTRAQ
MS08-028
vendor-advisory
x_refsource_MS
3376
third-party-advisory
x_refsource_SREASON
oval:org.mitre.oval:def:5578
vdb-entry
signature
x_refsource_OVAL
20080513 TPTI-08-04: Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability
mailing-list
x_refsource_BUGTRAQ
28398
vdb-entry
x_refsource_BID
SSRT080071
vendor-advisory
x_refsource_HP
20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
mailing-list
x_refsource_FULLDISC
26468
vdb-entry
x_refsource_BID
20071117 Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
mailing-list
x_refsource_BUGTRAQ
TA08-134A
third-party-advisory
x_refsource_CERT
http://ruder.cdut.net/blogview.asp?logID=227
x_refsource_MISC
1018976
vdb-entry
x_refsource_SECTRACK
HPSBST02336
vendor-advisory
x_refsource_HP
microsoft-jet-engine-mdb-bo(38499)
vdb-entry
x_refsource_XF
20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now