Microsoft Security Advisory (955179)
Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution
Microsoft is investigating active, targeted attacks leveraging a potential vulnerability in the ActiveX control for the Snapshot Viewer for Microsoft Access. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
The ActiveX control for the Snapshot Viewer for Microsoft Access enables you to view an Access report snapshot without having the standard or run-time versions of Microsoft Office Access. The vulnerability only affects the ActiveX control for the Snapshot Viewer for Microsoft Office Access 2000, Microsoft Office Access 2002, and Microsoft Office Access 2003.
The ActiveX control is shipped with all supported versions of Microsoft Office Access except for Microsoft Office Access 2007. The ActiveX control is also shipped with the standalone Snapshot Viewer.
For work-around and more info, please go to http://www.microsoft.com/technet/security/advisory/955179.mspx
http://blogs.technet.com/msrc/archive/2008/07/07/snapshot-viewer-activex-control-vulnerability.aspx
Source- Donna’s Security Flash
If you're new here, you may want to subscribe to my RSS feed. Thanks for visiting!
Tags: Microsoft, Microsoft Office, TechnetTags: Microsoft, Microsoft Office, Technet
Microsoft | 
Ankur Mittal | July 8, 2008
