funsec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Redmond issued a warning about targeted attacks using MS Jet vulnerability

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sun, 23 Mar 2008 12:11:48 +0200 (EET)
It appears that BID28398 has been retired.

"This issue is a duplicate of the vulnerability discussed in BID 26468 (Microsoft Jet DataBase Engine MDB File Parsing 
Remote Buffer Overflow Vulnerability)"

New reference:
http://www.securityfocus.com/bid/26468

Juha-Matti


Juha-Matti Laurio <juha-matti.laurio () netti fi> kirjoitti: 

Microsoft Security Advisory (950627)
Vulnerability in Microsoft Jet Database Engine (Jet) Could Allow Remote Code Execution
Published: March 21, 2008

"Microsoft is investigating new public reports of very limited, targeted attacks using a vulnerability in the 
Microsoft Jet Database Engine that can be exploited through Microsoft Word.

Customers using Microsoft Word 2000 Service Pack 3, Microsoft Word 2002 Service Pack 3, Microsoft Word 2003 Service 
Pack 2, Microsoft Word 2003 Service Pack 3, Microsoft Word 2007, and Microsoft Word 2007 Service Pack 1 on Microsoft 
Windows 2000, Windows XP, or Windows Server 2003 Service Pack 1 are vulnerable to these attacks."

The advisory is located at
http://www.microsoft.com/technet/security/advisory/950627.mspx

BID28398:
http://www.securityfocus.com/bid/28398

Juha-Matti

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
Previous By Date Next
Previous By Thread Next

Current thread: