[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Microsoft Jet Engine MDB File Parsing Stack Overflow PoC

Author
cocoruder
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-7742
Category
local exploits
Date add
16-11-2007
Platform
unsorted
========================================================
Microsoft Jet Engine MDB File Parsing Stack Overflow PoC
========================================================


Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability

by cocoruder(frankruder_at_hotmail.com)
http://ruder.cdut.net


Summary:

    A remote code execute vulnerability exists in Microsoft Jet
Engine. A remote attacker who successfully exploit this vulnerability
can execute arbitrary code on the affected system.


Affected Software Versions:

    Microsoft Office Access 2003 sp3 on Windows XP SP2(chinese)
    (Other versions may also be affected)

How to Reproduce:

    Open the attached file
"Microsoft_Jet_Engine_MDB_File_Parsing_Exploit.mdb" with Office Access
2003 sp3 on Windows XP SP2, then "calc.exe" will be executed, please
do not use the exploit for attacking.

The attached file is at:

11162007-Microsoft_Jet_Engine_MDB_File_Parsing_Exploit.rar

    MD5 Hash:73243B8823C8DC2C88AE0529CA13C4C6


back: http://inj3ct0r.com/sploits/518.zip



#  0day.today [2024-12-24]  #