funsec mailing list archives
Re: Redmond issued a warning about targeted attacks using MS Jet vulnerability
From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sun, 23 Mar 2008 12:11:48 +0200 (EET)
It appears that BID28398 has been retired. "This issue is a duplicate of the vulnerability discussed in BID 26468 (Microsoft Jet DataBase Engine MDB File Parsing Remote Buffer Overflow Vulnerability)" New reference: http://www.securityfocus.com/bid/26468 Juha-Matti Juha-Matti Laurio <juha-matti.laurio () netti fi> kirjoitti:
Microsoft Security Advisory (950627) Vulnerability in Microsoft Jet Database Engine (Jet) Could Allow Remote Code Execution Published: March 21, 2008 "Microsoft is investigating new public reports of very limited, targeted attacks using a vulnerability in the Microsoft Jet Database Engine that can be exploited through Microsoft Word. Customers using Microsoft Word 2000 Service Pack 3, Microsoft Word 2002 Service Pack 3, Microsoft Word 2003 Service Pack 2, Microsoft Word 2003 Service Pack 3, Microsoft Word 2007, and Microsoft Word 2007 Service Pack 1 on Microsoft Windows 2000, Windows XP, or Windows Server 2003 Service Pack 1 are vulnerable to these attacks." The advisory is located at http://www.microsoft.com/technet/security/advisory/950627.mspx BID28398: http://www.securityfocus.com/bid/28398 Juha-Matti
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Redmond issued a warning about targeted attacks using MS Jet vulnerability Juha-Matti Laurio (Mar 22)
- <Possible follow-ups>
- Re: Redmond issued a warning about targeted attacks using MS Jet vulnerability Juha-Matti Laurio (Mar 23)