Bugtraq mailing list archives

Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities

From: Son SonOfLilit <sonoflilit () gmail com>
Date: Mon, 4 Apr 2005 20:23:29 +0200

Or perhaps you have some macros running on every file (WordXP throws
me a warning every time I open a DOC since I installed MathType, which
extends Office through VBA scripts. Guess WordXP has some kind of
".login" / "autoexec.bat" file - a "initialization" script, that
MathType hooks up through... Never bothered to research into it)

(Sorry for the empty mail I mistakenly sent earlier)

On Apr 3, 2005 7:13 PM, Steve Shockley <steve.shockley () shockley net> wrote:

Denis Jedig wrote:

Newer Access versions throw a security warning if the VBA code is not
signed and let the user disable VBA execution. The issue highlighted by
hexview is able to circumvent this security-related feature.


Access 2003 on WinXP SP2 throws a security warning when I open any
Access file, even one without VBA.  I believe that's new with WinXP SP2.

Current thread:

[HV-HIGH] Microsoft Jet DB engine vulnerabilities vuln (Mar 31)
- Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities Thor (Hammer of God) (Apr 01)
  - Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities Denis Jedig (Apr 02)
    - Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities Thor (Hammer of God) (Apr 04)
    - Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities Steve Shockley (Apr 04)
    - Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities Son SonOfLilit (Apr 04)