CVE-2007-6026

Name of the Vulnerable Software and Affected Versions Microsoft Jet Engine version 4.0.8618.0 Microsoft Office 2003 SP3, specifically Access 2003

Description The issue allows attackers to execute arbitrary code via a crafted MDB file database containing a modified column structure. This could enable an attacker to take complete control of an affected system, allowing them to install programs, view, change, or delete data, or create new accounts with full user rights. Users with fewer user rights on the system could be less impacted than those operating with administrative user rights.

Recommendations For Microsoft Jet Engine version 4.0.8618.0, consider restricting the use of the Jet Database Engine until a patch is available. For Microsoft Office 2003 SP3, specifically Access 2003, avoid opening crafted MDB files from untrusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.