Summary
Detail | |||
---|---|---|---|
Vendor | Microsoft | First view | 1999-07-28 |
Product | Jet | Last view | 2008-03-06 |
Version | 4.0 | Type | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
9.3 | 2008-03-06 | CVE-2008-1200 | Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbitrary code via a crafted .MDB file, possibly related to Jet Engine (msjet40.dll). NOTE: this is probably a different issue than CVE-2007-6026. |
9.3 | 2007-11-19 | CVE-2007-6026 | Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944. |
7.5 | 2005-05-02 | CVE-2005-0944 | Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file. |
7.5 | 2004-06-01 | CVE-2004-0197 | Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query. |
7.5 | 2002-09-05 | CVE-2002-0859 | Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code. |
7.2 | 1999-08-20 | CVE-2000-0325 | The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability. |
7.6 | 1999-07-28 | CVE-2000-0323 | The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka the "Text I-ISAM" vulnerability. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:968 | MS Jet Database Buffer Overflow |
oval:org.mitre.oval:def:5578 | Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability |
SAINT Exploits
Description | Link |
---|---|
Microsoft Jet Engine MDB file ColumnName buffer overflow | More info here |
Microsoft Jet Database Engine buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
59322 | Microsoft Jet Database Crafted Query Arbitrary Command Execution |
44880 | Microsoft Windows msjet40.dll MDB File Handling Overflow |
43068 | Microsoft Access MDB File Handling Unspecified Arbitrary Code Execution |
15187 | Microsoft Jet Database msjet40.dll File Parsing Overflow |
5241 | Microsoft Jet Database Engine Remote Code Execution |
5064 | Microsoft SQL Server Jet Engine OpenDataSource Function Overflow |
1052 | Microsoft Jet Database Text I-ISAM Arbitrary File Modification |
OpenVAS Exploits
id | Description |
---|---|
2008-09-03 | Name : Windows Vulnerability in Microsoft Jet Database Engine File : nvt/win_CVE-2007-6026.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2008-A-0030 | Microsoft Jet Database Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0016013 |
Snort® IPS/IDS
Date | Description |
---|---|
2017-06-06 | Microsoft Jet DB Engine Buffer Overflow attempt RuleID : 42446 - Type : OS-WINDOWS - Revision : 2 |
2017-06-06 | Microsoft Jet DB Engine Buffer Overflow attempt RuleID : 42445 - Type : OS-WINDOWS - Revision : 2 |
2017-06-06 | Microsoft Jet DB Engine Buffer Overflow attempt RuleID : 42444 - Type : OS-WINDOWS - Revision : 2 |
2017-06-06 | Microsoft Jet DB Engine Buffer Overflow attempt RuleID : 42443 - Type : OS-WINDOWS - Revision : 2 |
2017-06-06 | Microsoft Jet DB Engine Buffer Overflow attempt RuleID : 42442 - Type : OS-WINDOWS - Revision : 2 |
2017-06-06 | Microsoft Jet DB Engine Buffer Overflow attempt RuleID : 42441 - Type : OS-WINDOWS - Revision : 2 |
2017-06-06 | Microsoft Jet DB Engine Buffer Overflow attempt RuleID : 42440 - Type : OS-WINDOWS - Revision : 2 |
2014-01-10 | Microsoft Office Access MSISAM file magic detected RuleID : 23718 - Type : FILE-IDENTIFY - Revision : 7 |
2014-01-10 | Microsoft Office Access TJDB file magic detected RuleID : 23717 - Type : FILE-IDENTIFY - Revision : 7 |
2014-01-10 | Microsoft Office Access JSDB file magic detected RuleID : 23716 - Type : FILE-IDENTIFY - Revision : 7 |
2014-01-10 | Microsoft Office Access file magic detected RuleID : 23715 - Type : FILE-IDENTIFY - Revision : 8 |
2014-01-10 | Microsoft Jet DB Engine Buffer Overflow attempt RuleID : 17413 - Type : OS-WINDOWS - Revision : 12 |
2014-01-10 | Microsoft Office Access MSISAM file magic detected RuleID : 13633 - Type : FILE-IDENTIFY - Revision : 18 |
2014-01-10 | Microsoft Office Access TJDB file magic detected RuleID : 13630 - Type : FILE-IDENTIFY - Revision : 18 |
2014-01-10 | Microsoft Office Access JSDB file magic detected RuleID : 13629 - Type : FILE-IDENTIFY - Revision : 18 |
2014-01-10 | Microsoft Office Access file magic detected RuleID : 13626 - Type : FILE-IDENTIFY - Revision : 22 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2008-05-13 | Name: Arbitrary code can be executed on the remote host through the database engine. File: smb_nt_ms08-028.nasl - Type: ACT_GATHER_INFO |
2004-04-13 | Name: Arbitrary code can be executed on the remote host through database engine. File: smb_nt_ms04-014.nasl - Type: ACT_GATHER_INFO |