PT-2020-4386 · Microsoft · Office Access Connectivity Engine
Nafiez
·
Published
2020-10-13
·
Updated
2023-12-31
·
CVE-2020-16957
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Microsoft Office Access Connectivity Engine (affected versions not specified)
Description:
A remote code execution issue exists due to the improper handling of objects in memory by the Microsoft Office Access Connectivity Engine. This could allow an attacker to execute arbitrary code on a victim system by enticing them to open a specially crafted file. The issue is resolved by correcting how the engine handles objects in memory.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Office Access Connectivity Engine