Unchecked buffer in MS Access Snapshot Viewer Could Allow Code Execution


http://www.microsoft.com/technet/security/bulletin/MS03-038.asp

Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code
Execution (827104)

Originally posted:  September 3, 2003

Summary

Who should read this bulletin: Customers who use Microsoft® Access or
who use the downloadable Microsoft Access Snapshot Viewer

Impact of vulnerability: Allow an attacker to execute code of their
choice

Maximum Severity Rating: Moderate

Recommendation: Customers who use Microsoft Access or who use the
downloadable Microsoft Access Snapshot Viewer should install the
security patch at their earliest opportunity.

End User Bulletin:
An end user version of this bulletin is available at:

http://www.microsoft.com/security/security_bulletins/ms03-038.asp.

Affected Software:
- Microsoft Access 97
- Microsoft Access 2000
- Microsoft Access 2002

Technical description:

With Microsoft Access Snapshot Viewer, you can distribute a snapshot of
a Microsoft Access database that allows the snapshot to be viewed
without having Access installed. For example, a customer may want to
send a supplier an invoice that is generated by using an Access
database. With Microsoft Access Snapshot Viewer, the customer can
package the database so that the supplier can view it and print it
without having Access installed. The Microsoft Access Snapshot Viewer is
available with all versions of Access - though it is not installed by
default - and is also available as a separate stand-alone download. The
Snapshot Viewer is implemented by using an ActiveX control.

A vulnerability exists because of a flaw in the way that Snapshot Viewer
validates parameters. Because the parameters are not correctly checked,
a buffer overrun can occur, which could allow an attacker to execute the
code of their choice in the security context of the logged-on user.

For an attack to be successful, an attacker would have to persuade a
user to visit a malicious Web site that is under the attacker's control.

Mitigating factors:
- The Microsoft Access Snapshot Viewer is not installed with Microsoft
  Office by default.
- An attacker would need to persuade a user to visit a website under the
  attacker's control for an attack to be successful.
- An attacker's code would run with the same permissions as the user. If
  a user's permissions were restricted the attacker would be similarly
  restricted.

Vulnerability identifier: CAN-2003-0665



This email is sent to NTBugtraq automatically as a service to my
subscribers. (v1.18)

Cheers,
Russ - Surgeon General of TruSecure Corporation/NTBugtraq Editor
