{"vuid":"VU#176380","idnumber":"176380","name":"Microsoft Jet Database Engine fails to properly validate Access database files","keywords":["Microsoft","Jet Database Engine","JetDB","DoS","denial of service","msjet40.dll","database file"],"overview":"A vulnerability in the Microsoft Jet database engine could allow a remote attacker to execute code of their choice on a vulnerable system.","clean_desc":"The Microsoft Jet Database Engine (Jet) provides data access functionality to a number of other Microsoft and many third party applications. An input validation error in the way that the Jet engine library handles the database files used by Microsoft Access (.mdb files) results in a vulnerability that could allow a remote attacker to execute code on a vulnerable system. In order to exploit this vulnerability, the attacker would need the ability to supply a specially crafted .mdb file and coax or trick a user into opening it. The malicious .mdb file could be supplied remotely by a number of methods including, but not limited to, a web page, an email message, or a shared network folder.","impact":"A remote, unauthenticated attacker with the ability to supply a specially crafted .mdb file could execute code of their choice on a vulnerable system. The attacker-supplied code would be executed with the same privileges as the user context of the application using the Jet Database Engine.","resolution":"The CERT/CC is currently unaware of a practical solution to this problem.","workarounds":"Workarounds Avoid opening Microsoft Access Database (.mdb) files from untrusted sources.","sysaffected":"","thanks":"This vulnerability was originally reported by researchers at \nHexView","author":"This document was written by Chad R Dougherty.","public":["http://marc.theaimsgroup.com/?l=bugtraq&m=111231465920199&w=2","http://www.hexview.com/docs/20050331-1.txt","http://secunia.com/advisories/14896/","http://www.securityfocus.com/bid/12960"],"cveids":["CVE-2005-0944"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2005-04-01T19:12:36Z","publicdate":"2005-03-31T00:00:00Z","datefirstpublished":"2005-10-03T19:55:39Z","dateupdated":"2005-10-03T19:55:39Z","revision":10,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"20","cam_exploitation":"10","cam_internetinfrastructure":"8","cam_population":"10","cam_impact":"15","cam_easeofexploitation":"2","cam_attackeraccessrequired":"20","cam_scorecurrent":"4.275","cam_scorecurrentwidelyknown":"4.275","cam_scorecurrentwidelyknownexploited":"5.4","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":4.275,"vulnote":null}