Microsoft Windows DAO 3.6 Object Library Insecure Library Loading Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 1 Nov 2010 5061 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been identified in Microsoft Windows, which could be exploited by remote attackers to compromise a vulnerable system.

The vulnerability is caused due to the Data Access Objects library (dao360.dll) loading libraries (e.g. msjet49.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a file located on a remote WebDAV or SMB share via an application using the library.

Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Windows 7
  • Microsoft Windows Server 2003 Datacenter Edition
  • Microsoft Windows Server 2003 Enterprise Edition
  • Microsoft Windows Server 2003 Standard Edition
  • Microsoft Windows Server 2003 Web Edition
  • Microsoft Windows Storage Server 2003
  • Microsoft Windows Vista
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Professional

Solutions

Do not open untrusted files.

Vulnerability Identifier

  • No CVE information is available

Source

Share with

Previous

SonicWALL SSL-VPN Buffer Overflow Vulnerability

1 Nov 2010 4873 Views

Next

Adobe Shockwave Player Multiple Remote Code Execution Vulnerabilities

1 Nov 2010 4748 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY