Microsoft Word Vulnerability

Vulnerability Description:
Microsoft Word - Microsoft Jet Database Engine MDB File Parsing Unspecified Remote Code Execution Vulnerability


Pertinent Details:

The Microsoft Jet Database Engine is susceptible to a remote code-execution vulnerability. Remote attackers can exploit this vulnerability to execute arbitrary machine code in the context of the user running the affected applications. This code execution vulnerability is caused by a buffer overflow in the Microsoft msjet40.dll file, also known as the Microsoft Jet Database Engine. A remote attacker can exploit this vulnerability by enticing a user to open a Microsoft Word file that is constructed to load the specially crafted database file using msjet40.dll.


A successful exploit will compromise the affected applications and most likely the computer operating system. A failed attack will most likely result in a denial-of-service condition.

This vulnerability is found in the following Microsoft Word versions:
Microsoft Word 2000 Service Pack 3
Microsoft Word 2002 Service Pack 3
Microsoft Word 2003 Service Pack 2
Microsoft Word 2003 Service Pack 3
Microsoft Word 2007
Microsoft Word 2007 Service Pack 1 on Microsoft Windows 2000
Microsoft Word 2007 Service Pack 1 on Windows XP
Microsoft Word 2007 Service Pack 1 on Windows Server 2003 Service Pack 1


This vulnerability does not affect Windows Server 2003 Service Pack 2, Windows Vista, or Windows Vista Service Pack 1 as these environments contain a non-vulnerable version of the Jet Database Engine.
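
Because exposure depends on which Jet Database Engine build is installed, the check below reads the file version from a collected copy of msjet40.dll and compares it with the first non-vulnerable version. It is an added example, not part of the original advisory or Microsoft's tooling, and it finds the version block by signature scan rather than by walking the PE resource directory. Assumptions: the threshold is supplied by the operator from the vendor advisory (this page does not state it), and the sample bytes and version numbers are constructed.

```python
import struct
import sys

# VS_FIXEDFILEINFO starts with this signature inside a PE version resource.
SIGNATURE = struct.pack("<I", 0xFEEF04BD)

def file_version(data):
    """Return (major, minor, build, revision) of a PE image, or None."""
    pos = data.find(SIGNATURE)
    while pos != -1:
        if pos + 16 <= len(data):
            struc_ver, ms, ls = struct.unpack_from("<III", data, pos + 4)
            if struc_ver == 0x00010000:  # dwStrucVersion 1.0, rejects chance matches
                return (ms >> 16, ms & 0xFFFF, ls >> 16, ls & 0xFFFF)
        pos = data.find(SIGNATURE, pos + 1)
    return None

def parse_version(text):
    """Turn 'a.b.c.d' into a tuple of four 16-bit integers."""
    parts = tuple(int(p) for p in text.split("."))
    if len(parts) != 4 or any(not 0 <= p <= 0xFFFF for p in parts):
        raise ValueError("expected a.b.c.d with 16-bit fields: %r" % text)
    return parts

def classify(data, first_fixed):
    """first_fixed: first non-vulnerable version, taken from the vendor advisory."""
    found = file_version(data)
    if found is None:
        return "no-version-info"
    return "needs-update" if found < parse_version(first_fixed) else "ok"

# Constructed sample: a stub "image" carrying version 1.2.3.4 (not a real DLL).
SAMPLE = b"MZ" + b"\x00" * 62 + SIGNATURE + struct.pack(
    "<III", 0x00010000, (1 << 16) | 2, (3 << 16) | 4)

if __name__ == "__main__":
    if len(sys.argv) == 3:  # usage: script.py <path to msjet40.dll copy> <a.b.c.d>
        with open(sys.argv[1], "rb") as fh:
            print(sys.argv[1], classify(fh.read(), sys.argv[2]))
    else:
        print("sample", file_version(SAMPLE), classify(SAMPLE, "1.2.4.0"))
```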

Microsoft has received reports of public exploit code.

More information can be found at the following URLs:
http://www.securityfocus.com/bid/28398
http://www.us-cert.gov/current/index.html#microsoft_releases_security_advisory
http://www.microsoft.com/technet/security/advisory/950627.mspx
http://www.isc.sans.org/diary.html?storyid=4183

RISK:

This risk definition refers to the risk to the system owner.


Government:
Large and medium government entities:  High
Small government entities:  High


Business:
Large and medium business entities:  High
Small business entities:  High


Home users:  High


Do not open or save any Microsoft Word files that you receive from unknown or non-trusted sources. Confirm the transmission of any files received in email from trusted sources prior to opening or saving the Microsoft Word file.


Once Microsoft makes a patch available, download and install the patch as soon as possible.