header-logo
Suggest Exploit
vendor:
Microsoft Access
by:
Google Security Research
8,8
CVSS
HIGH
Unbounded Search for Objects
119
CWE
Product Name: Microsoft Access
Affected Version From: Microsoft Access 2007
Affected Version To: Microsoft Access 2016
Patch Exists: YES
Related CWE: CVE-2015-2545
CPE: o:microsoft:access
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2015

Microsoft Access Unbounded Search for Objects

The attached Microsoft Access Database causes JetDb::IsExploited4x to be called, which contains an unbounded search for objects. This can lead to a denial of service or information disclosure.

Mitigation:

Upgrade to the latest version of Microsoft Access.
Source

Exploit-DB raw data:

Source: https://code.google.com/p/google-security-research/issues/detail?id=551

The attached Microsoft Access Database causes JetDb::IsExploited4x to be called, which contains an unbounded search for objects.

Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38932.zip

Navigation

Suggest Exploit

Services By CQR