CVE-2007-6026

Currently unrated

Key Information:

Vendor: Microsoft
Status: Jet; Office
Vendor: CVE Published:; 20 November 2007

Summary

Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.

References

http://dvlabs.tippingpoint.com/advisory/TPTI-08-04

x_refsource_MISC

http://www.kb.cert.org/vuls/id/936529

third-party-advisoryx_refsource_CERT-VN

http://www.securityfocus.com/archive/1/483858/100/100/thr...

mailing-listx_refsource_BUGTRAQ

EPSS Score

81% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 20, 2007
Vulnerability Reserved
Nov 19, 2007

Collectors

NVD DatabaseMitre Database