Microsoft JET Text I-ISAM 漏洞

漏洞信息详情

Microsoft JET Text I-ISAM 漏洞

• CNNVD编号：CNNVD-199907-031
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2000-0323
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  1999-07-28
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2007-03-30
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Reported by Micros…

Microsoft Jet数据库引擎存在漏洞。远程攻击者可以通过数据库请求修改文本文件，也称为\”Text I-ISAM\”漏洞。

Microsoft has released a patch for this issue. To quote Microsoft advisory MS99-030:
–
http://officeupdate.microsoft.com/articles/mdac_typ.htm
NOTES:
– The above web site provides separate pages for Office97 and
Office2000. This is done in order to provide specific information
about the vulnerabilities affecting the products. The patch for
Office97 and Office2000 (and indeed for all affected products) is
exactly the same, and both pages link to exactly the same patch.
The patch will determine what version(s) of Jet are present on
the machine and apply all of the needed corrections.
– The patch is suitable for use by all language packs.
– The patch applies to Jet 3.5 and all subsequent versions. Older
versions of Jet are no longer supported, and we recommend that
affected customers upgrade to a supported version.
– The patch is suitable for widespread deployment via Microsoft(r)
Systems Management Server(r). Users who wish to manually apply
patches for specific versions of Jet should consult the FAQ for
information on how to do this.
An additional patch made available by Microsoft, exists at the following location:
http://office.microsoft.com/assistance/9798/mdac_typ.aspx

来源: BUGTRAQ
名称: 19990728 Alert : MS Office 97 Vulnerability
链接:http://www.securityfocus.com/templates/archive.pike?list=1&date=1999-08-22&msg=19990729195531.25108.qmail@underground.org

来源: BID
名称: 595
链接:http://www.securityfocus.com/level2/?go=vulnerabilities&id=595

来源: MS
名称: MS99-030
链接:http://www.microsoft.com/technet/security/bulletin/ms99-030.asp