Bugtraq mailing list archives

Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sun, 18 Nov 2007 01:58:02 +0200 (EET)

There is a well-known unpatched code execution type vulnerability reported originally in msjet40.dll version 
4.00.8618.0 too.
This issue reported by HexView is known since March 2005:

http://www.securityfocus.com/bid/12960
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0944

We probably don't see a fix for this issue.

- Juha-Matti

"CaseArmour.net Security Administrator" <security () casearmour net> kirjoitti:

It would be useful to know if this is also an issue with msjet40.dll
4.0.9510.0 (Windows Server 2003 SP2 + hotfixes).  I have an installer
for Windows XP SP2 that -- seems -- to cleanly apply Windows Server 2003
SP2's MDAC 2.82.  I haven't been able to give it a serious, hard testing
because I don't have many apps that still use MDAC.

On Fri, 16 Nov 2007 19:25:29 +0800, "cocoruder" <cocoruder () gmail com>
said:
>
>     (C:\Windows\System32\msjet40.dll, version is 4.0.8618.0)

Current thread:

Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability cocoruder (Nov 16)
- Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability CaseArmour.net Security Administrator (Nov 17)
- <Possible follow-ups>
- Re: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability Juha-Matti Laurio (Nov 19)
  - Re: [Full-disclosure] Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability jf (Nov 19)