Gå till innehåll

Do not open untrusted Office documents.


Recommended Posts

Microsoft Jet Database Engine Multiple Vulnerabilities

Secunia Advisory: SA14896 Release Date: 2005-04-12 Last Update: 2008-03-24

Critical: crit_4.gifHighly critical

Impact: System access

Where: From remote

Solution Status: Unpatched

OS:Microsoft Windows 2000 Advanced Server

Microsoft Windows 2000 Datacenter Server

Microsoft Windows 2000 Professional

Microsoft Windows 2000 Server

Microsoft Windows Server 2003 Datacenter Edition

Microsoft Windows Server 2003 Enterprise Edition

Microsoft Windows Server 2003 Standard Edition

Microsoft Windows Server 2003 Web Edition

Microsoft Windows Storage Server 2003

Microsoft Windows XP Home Edition

Microsoft Windows XP Professional


Software:Microsoft Office 2000

Microsoft Office 2003 Professional Edition

Microsoft Office 2003 Small Business Edition

Microsoft Office 2003 Standard Edition

Microsoft Office 2003 Student and Teacher Edition

Microsoft Office 2007

Microsoft Office Word 2007

Microsoft Office XP

Microsoft Word 2000

Microsoft Word 2002

Microsoft Word 2003


CVE reference:CVE-2005-0944 (Secunia mirror)

CVE-2007-6026 (Secunia mirror)

CVE-2008-1092 (Secunia mirror)



This advisory is currently marked as unpatched!

- Companies can be alerted when a patch is released!




Some vulnerabilities have been reported in Microsoft Jet Database Engine, which can be exploited by malicious people to compromise a user's system.


The vulnerabilities are caused due to a memory handling error and a boundary error in the Microsoft Jet Database Engine (msjet40.dll). This can be exploited to execute arbitrary code by e.g. tricking a user into opening a specially crafted Word document that automatically loads another file (e.g. a renamed ".mdb" file) in the same location as a JET database file.


NOTE: These vulnerabilities can also be exploited by tricking a user into opening a malicious ".mdb" file in Access. However, it should be noted that the ".mdb" file type is considered unsafe as it allows running arbitrary code when opened in Access. The gain from exploiting this vulnerability via Access is thus not greater than if a user is convinced into opening an ordinary ".mdb" file not exploiting any of these vulnerabilities.


The vulnerability only affects versions of msjet40.dll prior to 4.0.9505.0 and thus systems running Windows Server 2003 SP2, Windows Vista, and Windows Vista SP1 are not vulnerable.



Do not open untrusted Office documents.


Provided and/or discovered by:

HexView and cocoruder.

Microsoft Word attack vector reported as a 0-day.

mera där:

Ny säkerhetsbrist i Word | 2008-03-22 11:01 - IDG.se:

Microsoft varnar: Öppna inte worddokument från okända


I går gick Microsoft ut med en varning - öppna inga worddokument som du inte väntat att få eller som kommer från okända avsändare. En ny säkerhetsbrist har upptäckts och även andra officeprogram kan vara drabbade.

Länk till kommentar
Dela på andra webbplatser

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Svara i detta ämne...

×   Du har klistrat in innehåll med formatering.   Ta bort formatering

  Endast 75 max uttryckssymboler är tillåtna.

×   Din länk har automatiskt bäddats in.   Visa som länk istället

×   Ditt tidigare innehåll har återställts.   Rensa redigerare

×   You cannot paste images directly. Upload or insert images from URL.

  • Skapa nytt...