HTTP: Microsoft JET Database Code Execution
This signature detects attempts to exploit a known vulnerability in the Microsoft JET database engine. Attackers can remotely execute commands on the target system.
Extended Description
It has been reported that Microsoft Jet Database Engine (Jet) is prone to a remote code execution vulnerability that that may allow remote attackers to execute arbitrary code in order to gain unauthorized access to a vulnerable system. This issue presents itself when a specially crafted database query is sent by an attacker to be interpreted by Jet. A successful attack may allow the attacker to gain complete control of the affected system. Microsoft Jet Database Engine version 4.0 running on various Microsoft operating systems is reported to be vulnerable to this issue.
Affected Products
Avaya s8100_media_servers,Microsoft windows_server_2003_enterprise_edition
Short Name
HTTP:PKG:MS-JET-VBA
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2004-0197 Code Database Execution JET Microsoft bid:10112
Release Date
02/22/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
7.5