Microsoft JET - Remote hacker manual control
Version: | 4.0 and prior. |
Technical Details: | A file-parsing stack overflow vulnerability has been discovered in Microsoft's JET implementation (as shipped with Microsoft Office 2003), allowing arbitrary code execution once the victim interacts with a malicious JET-dependent file (such as an Access file). Sample exploit code is readily available. The discoverer points out that some web hosting services will be vulnerable, as .asp and .mdb files can act as a vehicle for this vulnerability, which is then activated through an "ADODB.Connection". |
Description: |
Even though it has been deprecated in favour of the SQL Server 2005 Compact and Express Editions, many applications still require JET-style database access. A remote code execution vulnerability has been discovered in JET, as supplied with Microsoft Office 2003, complete with a detailed vulnerability breakdown and sample exploit code. Microsoft have indicated to the discoverer that they will not be patching the vulnerability as it has been discovered and demonstrated. |
Mitigation: |
Consider updating requirements for JET support to one of the SQL Server 2005 editions, and be cautious about interacting with Access and other JET-dependent files from unexpected sources. |
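To act on the mitigation above on a shared web host, one way to inventory exposure is sketched below. This is an added example, not code from the advisory or from Microsoft. It finds files whose content carries the JET signature (`Standard Jet DB` at byte offset 4, a property of the file format rather than something stated on this page) regardless of extension, and lists ASP scripts that reference `ADODB.Connection`. The extension list and the sample tree are constructed assumptions.

```python
import re
import tempfile
from pathlib import Path

JET_MAGIC = b"Standard Jet DB"   # JET file signature (format fact, not from the advisory)
MAGIC_OFFSET = 4                 # the signature starts at byte offset 4
ASP_EXTS = {".asp", ".asa", ".inc"}   # assumption: script types worth checking
ADODB_RE = re.compile(rb"ADODB\.Connection", re.IGNORECASE)

def is_jet_file(path):
    """True when the content carries the JET signature, whatever the extension."""
    with open(path, "rb") as fh:
        head = fh.read(MAGIC_OFFSET + len(JET_MAGIC))
    return head[MAGIC_OFFSET:] == JET_MAGIC

def audit_tree(root):
    """Return (jet_files, adodb_scripts): sorted paths relative to root."""
    root, jet, scripts = Path(root), [], []
    for p in root.rglob("*"):
        if not p.is_file():
            continue
        rel = p.relative_to(root).as_posix()
        try:
            if is_jet_file(p):
                jet.append(rel)
            elif p.suffix.lower() in ASP_EXTS and ADODB_RE.search(p.read_bytes()):
                scripts.append(rel)
        except OSError:
            continue  # unreadable file: skip rather than abort the audit
    return sorted(jet), sorted(scripts)

def build_sample_tree(root):
    """Constructed sample web root; the files are harmless stubs."""
    site = Path(root) / "site1"
    site.mkdir()
    stub = b"\x00\x01\x00\x00" + JET_MAGIC + b"\x00" * 64
    (site / "guestbook.mdb").write_bytes(stub)
    (site / "logo.gif").write_bytes(stub)  # JET content behind another extension
    (site / "notes.mdb").write_bytes(b"plain text, not a database")
    (site / "view.asp").write_bytes(b'<% Set c = Server.CreateObject("ADODB.Connection") %>')
    (site / "index.asp").write_bytes(b'<% Response.Write "hello" %>')

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        return audit_tree(tmp)

if __name__ == "__main__":
    jet_files, adodb_scripts = demo()
    print("JET databases:", jet_files)
    print("ASP scripts using ADODB.Connection:", adodb_scripts)
```

Point `audit_tree` at the real web root to get the list of customer-supplied databases and the scripts that open them; the check identifies JET files only and says nothing about whether a given file is malformed.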
Updates: |
Will not be made available |
Source: |
|
Exploits: |
|
External Tracking Data: | Not yet Available |