oval:org.mitre.oval:def:11756

Definition Id: oval:org.mitre.oval:def:11756

Oval ID:	oval:org.mitre.oval:def:11756
Title:	ACCWIZ.dll Uninitialized Variable Vulnerability
Description:	The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML document that references this control along with crafted persistent storage data, aka "ACCWIZ.dll Uninitialized Variable Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2010-1881	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows 7	Product(s):	Microsoft Access 2003
Definition Synopsis:
Access 2003 SP3 or greater is installed AND Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\11.0\Access\InstallRoot!Path exists AND Accwiz.dll version is less than 11.0.8325.0