Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability

pub!1c

魔

团队执行官

Rank: 8 Rank: 8

E.S.T核心成员

帖子: 3926
精华: 128
积分: 209876
阅读权限: 200
性别: 男
在线时间: 1117 小时
注册时间: 2007-10-23
最后登录: 2008-11-17

资料收集奖运营支持奖

发短消息
加为好友
当前离线

楼主大中小发表于 2007-11-18 03:23 只看该作者

Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability

复制内容到剪贴板

代码:

Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability



by cocoruder(frankruder_at_hotmail.com)

[url]http://ruder.cdut.net[/url]





Summary:



  A remote code execute vulnerability exists in Microsoft Jet

Engine. A remote attacker who successfully exploit this vulnerability

can execute arbitrary code on the affected system.





Affected Software Versions:



  Microsoft Office Access 2003 sp3 on Windows XP SP2(chinese)

  (Other versions may also be affected)



How to Reproduce:



  Open the attached file

"Microsoft_Jet_Engine_MDB_File_Parsing_Exploit.mdb" with Office Access

2003 sp3 on Windows XP SP2, then "calc.exe" will be executed, please

do not use the exploit for attacking.



The attached file is at:

附件

Microsoft_Jet_Engine_MDB_File_Parsing_Exploit.rar (8 KB): 2007-11-18 03:23, 下载次数: 188

TOP

‹‹ 上一主题 | 下一主题 ››

邪恶八进制信息安全团队技术讨论组 » 安全测试代码{ Exploits and Shellcode } » Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability