Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2008-1092

Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026.

  • Published: Mar 25, 2008
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-1092
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
microsoft / word 2000-sp3 2000-sp3.x
microsoft / word 2002-sp3 2002-sp3.x
microsoft / word 2003-sp2 2003-sp2.x
microsoft / word 2003_sp3 2003_sp3.x
microsoft / word 2007 2007.x
microsoft / word 2007_sp1 2007_sp1.x