Insufficient Data Validation in Microsoft Jet DB Engine Allows Remote Code Execution
CVE-2005-0944

Currently unrated

Key Information:

Vendor: Microsoft
Status: Jet
Vendor: CVE Published:; 2 May 2005

Summary

The Microsoft Jet DB engine is exposed to a vulnerability stemming from insufficient data validation. This flaw enables attackers to craft malicious MDB files that, when opened, could lead to arbitrary code execution under the context of the user running the Jet engine. By exploiting this vulnerability, an attacker can potentially gain unauthorized control over affected systems, making it crucial to apply security patches and validate the origin of MDB files routinely.

References

http://www.securityfocus.com/archive/1/442610/100/100/thr...

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=bugtraq&m=111231465920199&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/archive/1/442446/100/100/thr...

mailing-listx_refsource_BUGTRAQ

EPSS Score

35% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Apr 3, 2005