Vulnerability CVE-2007-6026


Published: 2007-11-19   Modified: 2012-02-12

Description:
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.

See advisories in our WLB2 database:
Topic
Author
Date
High
Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
cocoruder
20.11.2007

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

Vendor: Microsoft
Product: JET 
Version: 4.0.8618.0;
Product: Windows nt 
Version: 4.0;
Product: Office 
Version: 2003;
Product: Windows xp 
Product: Windows 2000 
Product: Windows 2003 server 

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
9.3/10
10/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://dvlabs.tippingpoint.com/advisory/TPTI-08-04
http://lists.grok.org.uk/pipermail/full-disclosure/2007-November/058531.html
http://marc.info/?l=bugtraq&m=121129490723574&w=2
http://ruder.cdut.net/blogview.asp?logID=227
http://securityreason.com/securityalert/3376
http://www.kb.cert.org/vuls/id/936529
http://www.securityfocus.com/archive/1/483797/100/0/threaded
http://www.securityfocus.com/archive/1/483858/100/100/threaded
http://www.securityfocus.com/archive/1/483887/100/100/threaded
http://www.securityfocus.com/archive/1/483888/100/100/threaded
http://www.securityfocus.com/archive/1/492019/100/0/threaded
http://www.securityfocus.com/bid/26468
http://www.securityfocus.com/bid/28398
http://www.securitytracker.com/id?1018976
http://www.us-cert.gov/cas/techalerts/TA08-134A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028
https://exchange.xforce.ibmcloud.com/vulnerabilities/38499
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578

Related CVE
CVE-2019-1137
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.
CVE-2019-1136
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'.
CVE-2019-1134
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
CVE-2019-1132
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
CVE-2019-1130
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1129.
CVE-2019-1129
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1130.
CVE-2019-1128
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019...
CVE-2019-1127
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1117, CVE-2019-1118, CVE-2019-1119, CVE-2019-1120, CVE-2019...

Copyright 2019, cxsecurity.com

 

Back to Top