Microsoft Windows Knowledge Base Article 950749 update not installed

win-ms08kb950749-update (42095) The risk level is classified as LowLow Risk

Description:

Microsoft Windows Knowledge Base Article 950749 update is not installed on the system, which could allow an attacker to exploit the following vulnerability:

Microsoft Jet Engine is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing a MDB file. By persuading a victim to open a specially-crafted MDB file, a remote attacker could cause the victim's application to crash or possibly execute arbitrary code on the victim's system with the privileges of the victim. An attacker could exploit this vulnerability by sending the malicious file as an email attachment or hosting it on a Web site.

Microsoft Jet Database Engine (msjet40.dll) is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when parsing a Word file. By persuading a victim to open a specially-crafted Word file, a remote attacker could cause the victim's application to crash or possibly execute arbitrary code on the victim's system with the privileges of the victim. An attacker could exploit this vulnerability by sending the malicious file as an email attachment or by hosting it on a Web site.

Platforms Affected:

  • Microsoft, Jet 4.0

Remedy:

Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS08-028. See References.

Consequences:

Informational

References:

  • IBM Internet Security Systems X-Force Database, Microsoft Jet Database Engine MDB file buffer overflow at http://xforce.iss.net/xforce/xfdb/38499.
  • IBM Internet Security Systems X-Force Database, Microsoft Jet Database Engine Word file buffer overflow at http://xforce.iss.net/xforce/xfdb/41380.
  • Microsoft Security Bulletin MS08-028, Vulnerability in Microsoft Jet Database Engine (Jet) Could Allow Remote Code Execution (950749) at http://www.microsoft.com/technet/security/Bulletin/MS08-028.mspx.
  • CVE-2007-6026: Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.
  • CVE-2008-1092: Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026.

Reported:

Not available

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net

Return to the main page