Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
[code]Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability
by cocoruder(frankruder_at_hotmail.com)
[url]http://ruder.cdut.net[/url]
Summary:
A remote code execute vulnerability exists in Microsoft Jet
Engine. A remote attacker who successfully exploit this vulnerability
can execute arbitrary code on the affected system.
Affected Software Versions:
Microsoft Office Access 2003 sp3 on Windows XP SP2(chinese)
(Other versions may also be affected)
How to Reproduce:
Open the attached file
"Microsoft_Jet_Engine_MDB_File_Parsing_Exploit.mdb" with Office Access
2003 sp3 on Windows XP SP2, then "calc.exe" will be executed, please
do not use the exploit for attacking.
The attached file is at:
[/code]
页:
[1]