9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.842 High
EPSS
Percentile
98.5%
Added: 11/23/2007
CVE: CVE-2007-6026
BID: 26468
OSVDB: 44880
The Microsoft Jet Database Engine provides data access functionality for a number of applications.
A buffer overflow vulnerability in the Microsoft Jet Database Engine could lead to command execution when a user opens an MDB file containing a large ColumnName length.
Do not open MDB files from untrustworthy sources.
<http://archives.neohapsis.com/archives/fulldisclosure/2007-11/0392.html>
Exploit works on Microsoft Access 2000 SP3 and requires a user to download and open an MDB file in Microsoft Access.
Windows