CVE-2008-1092

Name of the Vulnerable Software and Affected Versions Microsoft Jet Database Engine version prior to 4.0.9505.0

Description A buffer overflow issue in the msjet40.dll file allows remote attackers to execute arbitrary code via a crafted Word file. This issue has been exploited in the wild, specifically in March 2008.

Recommendations For versions prior to 4.0.9505.0, update to version 4.0.9505.0 or later to resolve the issue. As a temporary workaround, consider avoiding the use of crafted Word files that could trigger the buffer overflow in the msjet40.dll file until a patch is applied.