MS Jet Database flaws --access, and vb affected

By Jaqui ·
MODERATE: Microsoft Jet Database Engine Overflow
Affected:
Jet Database Engine all versions

Description: The Jet Database Engine (Msjet40.dll) is Microsoft's relational database engine that handles the entire task of database processing for Microsoft Access and Visual Basic. This engine reportedly contains a buffer overflow that can be triggered by a specially crafted ".mdb" Access database file. The flaw, according to the discoverer, can be easily exploited to execute code on a Windows client system. In order to exploit this flaw, an attacker has to supply the malicious .mdb file via web, email, peer-to-peer sharing, etc. to the victim. Note that Internet Explorer and other browsers do not automatically open the attacker-supplied ".mdb" file. Hence, user interaction is required to leverage this flaw.

A proof-of-concept database file has been publicly posted.

The discoverer also mentions other denial-of-service flaws in this DLL for which no technical details have been posted.

Status: Microsoft has not confirmed; no patches are available. The flaw also affects third party applications that use msjet40.dll.

Council Site Actions: Most of the council sites are waiting for confirmation and a patch from the vendor and plan to deploy the patch once available. One site commented they have no plans to patch at this time, and will instead rely on their implementation of the Cisco Security Agent to prevent this exploit from occurring.

References:
Posting by HexView (the discoverer)
http://archives.neohapsis.com/archives/fulldisclosure/2005-03/0895.html
Microsoft Jet Database Engine Overview
http://msdn.microsoft.com/archive/en-us/dnaraccessdev/html/odc_jetdatabaseengine20ausersoverview.asp
SecurityFocus BID
http://www.securityfocus.com/bid/12960
