Spyware Doctor
Spyware Doctor with AntiVirus
PC Tools AntiVirus
PC Tools Internet Security
PC Tools Firewall Plus
ThreatFire
Spam Monitor
Registry Mechanic
Desktop Maestro
File Recover
Privacy Guardian
Spyware Doctor Enterprise
Help me choose
Unchecked buffer in Microsoft Access Snapshot Viewer New
A security vulnerability exists in the Microsoft Access 97, 2000 and 2002 Snapshot Viewer which could allow an attacker to execute code of their choice by persuading a user to open an affected document
Issue
With Microsoft Access Snapshot Viewer, you can distribute a snapshot of a Microsoft Access database that allows the snapshot to be viewed without having Access installed. For example, a customer may want to send a supplier an invoice that is generated by using an Access database. With Microsoft Access Snapshot Viewer, the customer can package the database so that the supplier can view it and print it without having Access installed. The Microsoft Access Snapshot Viewer is available with all versions of Access - though it is not installed by default - and is also available as a separate stand-alone download. The Snapshot Viewer is implemented by using an ActiveX control.
A vulnerability exists because of a flaw in the way that Snapshot Viewer validates parameters. Because the parameters are not correctly checked, a buffer overrun can occur, which could allow an attacker to execute the code of their choice in the security context of the logged-on user.
For an attack to be successful, an attacker would have to persuade a user to visit a malicious Web site that is under the attacker’s control.
Affected Products
- Microsoft Access 97
- Microsoft Access 2000
- Microsoft Access 2002
Download
Software patches are available from the following locations:
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: September 4, 2003
>> Recommended Download - secure your PC from spyware, adware and malware now with Spyware Doctor <<
