Vulnerability CVE-2007-6357
Published: 2007-12-14   Modified: 2012-02-12

Description:
Stack-based buffer overflow in Microsoft Office Access allows remote, user-assisted attackers to execute arbitrary code via a crafted Microsoft Access Database (.mdb) file. NOTE: due to the lack of details as of 20071210, it is not clear whether this issue is the same as CVE-2007-6026 or CVE-2005-0944.

Type:

CWE-119

 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5.8/10
4.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
None
Affected software
Microsoft -> Access 

 References:
http://www.us-cert.gov/current/index.html#microsoft_access_database_file_attachment
http://www.informationweek.com/shared/printableArticle.jhtml?articleID=204802012
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9052538&source=rss_topic17
http://osvdb.org/44150
Copyright 2024, cxsecurity.com

 

Back to Top