Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability

ring04h

团队执行官

Rank: 8 Rank: 8

E.S.T核心成员社区主管

帖子: 3910
精华: 128
积分: 209604
阅读权限: 200
性别: 男
在线时间: 1058 小时
注册时间: 2007-10-23
最后登录: 2008-5-13

资料收集奖运营支持奖

发短消息
加为好友
当前离线

楼主大中小发表于 2007-11-18 03:23 只看该作者

Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability

复制内容到剪贴板

代码:

Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability



by cocoruder(frankruder_at_hotmail.com)

[url]http://ruder.cdut.net[/url]





Summary:



  A remote code execute vulnerability exists in Microsoft Jet

Engine. A remote attacker who successfully exploit this vulnerability

can execute arbitrary code on the affected system.





Affected Software Versions:



  Microsoft Office Access 2003 sp3 on Windows XP SP2(chinese)

  (Other versions may also be affected)



How to Reproduce:



  Open the attached file

"Microsoft_Jet_Engine_MDB_File_Parsing_Exploit.mdb" with Office Access

2003 sp3 on Windows XP SP2, then "calc.exe" will be executed, please

do not use the exploit for attacking.



The attached file is at:

附件

Microsoft_Jet_Engine_MDB_File_Parsing_Exploit.rar (8 KB): 2007-11-18 03:23, 下载次数: 113

...退出这个无聊的娱乐圈!

TOP

‹‹ 上一主题 | 下一主题 ››

邪恶八进制信息安全团队技术讨论组 » 安全测试代码{ Exploits and Shellcode } » Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability