CVE-2013-3156

Name of the Vulnerable Software and Affected Versions Microsoft Access versions 2007 SP3, 2010 SP1 and SP2, and 2013

Description The issue allows remote attackers to execute arbitrary code or cause a denial of service due to memory corruption via a crafted Access file. Remote code execution vulnerabilities exist in the way that Microsoft Access parses content in Access files, potentially allowing an attacker to take complete control of an affected system. This could enable the attacker to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with fewer user rights on the system compared to those operating with administrative user rights.

Recommendations For Microsoft Access 2007 SP3, update to a version that is not affected by this issue. For Microsoft Access 2010 SP1 and SP2, update to a version that is not affected by this issue. For Microsoft Access 2013, update to a version that is not affected by this issue.