Microsoft Jet Database Engine buffer overflow

Added: 03/24/2006
CVE: CVE-2005-0944
BID: 12960
OSVDB: 15187

Background

The Microsoft Jet Database Engine provides data access functionality for a number of applications.

Problem

An input validation vulnerability in the Microsoft Jet Database Engine could lead to command execution when a user opens a specially crafted Microsoft Access file.

Resolution

Avoid opening Microsoft Access database files from untrusted sources.

References

http://www.kb.cert.org/vuls/id/176380

Limitations

Successful exploitation requires a user to download the exploit file and open it in Microsoft Access.

Platforms

Windows

Back to exploit index