Buffer Overflow in Microsoft Jet Engine Affects Access 2003
CVE-2007-6026

Currently unrated

Key Information:

Vendor: Microsoft
Status: Jet; Office
Vendor: CVE Published:; 20 November 2007

What is CVE-2007-6026?

The vulnerability pertains to a stack-based buffer overflow in the Microsoft Jet Engine, utilized by Microsoft Access 2003 SP3. This flaw arises when processing a specially crafted MDB database file that contains a structured column definition with an altered column count. Attackers may exploit this weakness through user interaction, leading to the potential execution of arbitrary code within the context of the application. Users are encouraged to apply the latest security updates provided by Microsoft to safeguard against such exploits.

References

http://dvlabs.tippingpoint.com/advisory/TPTI-08-04

x_refsource_MISC

http://www.kb.cert.org/vuls/id/936529

third-party-advisoryx_refsource_CERT-VN

http://www.securityfocus.com/archive/1/483858/100/100/thr...

mailing-listx_refsource_BUGTRAQ

EPSS Score

69% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2007
Vulnerability Reserved
Nov 19, 2007