Microsoft Jet数据库引擎远程任意指令漏洞(MS04-014)

漏洞信息详情

Microsoft Jet数据库引擎远程任意指令漏洞(MS04-014)

• CNNVD编号：CNNVD-200406-017
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2004-0197
  
• 漏洞类型：
  
  
  未知
  
• 发布时间：
  
  2004-04-13
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  microsoft
• 漏洞来源：
  Matt Thompson

MS Jet Database Engine是微软开发的数据库引擎。
Microsoft Jet Database Engine (Jet)存在远程缓冲区溢出，远程攻击者可以利用这个漏洞进行安装程序，更改删除数据，建立帐户等恶意攻击。
目前没有详细漏洞细节提供。

厂商补丁：
Microsoft
———
Microsoft已经为此发布了一个安全公告(MS04-014)以及相应补丁:

MS04-014：Vulnerability in the Microsoft Jet Database Engine Could Allow Code Execution (837001)

链接：http://www.microsoft.com/technet/security/bulletin/MS04-014.mspx” target=”_blank”>
http://www.microsoft.com/technet/security/bulletin/MS04-014.mspx

补丁下载：

Microsoft Windows NT? Workstation 4.0 Service Pack 6a

http://www.microsoft.com/downloads/details.aspx?FamilyId=7678462A-52EC-48D5-9AEB-46EC4CC053C7&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=7678462A-52EC-48D5-9AEB-46EC4CC053C7&displaylang=en

Microsoft Windows NT Server 4.0 Service Pack 6a

http://www.microsoft.com/downloads/details.aspx?FamilyId=7678462A-52EC-48D5-9AEB-46EC4CC053C7&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=7678462A-52EC-48D5-9AEB-46EC4CC053C7&displaylang=en

Microsoft Windows NT Server 4.0 Terminal Server Edition Service Pack 6

http://www.microsoft.com/downloads/details.aspx?FamilyId=7678462A-52EC-48D5-9AEB-46EC4CC053C7&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=7678462A-52EC-48D5-9AEB-46EC4CC053C7&displaylang=en

Microsoft Windows 2000 Service Pack 2, Microsoft Windows 2000 Service Pack 3, and Microsoft Windows 2000 Service Pack 4

http://www.microsoft.com/downloads/details.aspx?FamilyId=5813346A-7EC2-4F57-A199-8375DA0AD816&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=5813346A-7EC2-4F57-A199-8375DA0AD816&displaylang=en

Microsoft Windows XP and Microsoft Windows XP Service Pack 1

http://www.microsoft.com/downloads/details.aspx?FamilyId=EA17D1CB-075E-4B63-BC45-06EBBF41C6B5&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=EA17D1CB-075E-4B63-BC45-06EBBF41C6B5&displaylang=en

Microsoft Windows XP 64-Bit Edition Service Pack 1

http://www.microsoft.com/downloads/details.aspx?FamilyId=B487610D-806C-4289-BE70-92F7D2337E17&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=B487610D-806C-4289-BE70-92F7D2337E17&displaylang=en

Microsoft Windows XP 64-Bit Edition Version 2003

http://www.microsoft.com/downloads/details.aspx?FamilyId=E4E0EB80-7395-4C07-BC1D-B187DE541BC2&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=E4E0EB80-7395-4C07-BC1D-B187DE541BC2&displaylang=en

Microsoft Windows Server 2003

http://www.microsoft.com/downloads/details.aspx?FamilyId=216D708B-3A55-4B50-8AD2-BFF06B668CBB&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=216D708B-3A55-4B50-8AD2-BFF06B668CBB&displaylang=en

Microsoft Windows Server 2003 64-Bit Edition

http://www.microsoft.com/downloads/details.aspx?FamilyId=E4E0EB80-7395-4C07-BC1D-B187DE541BC2&displaylang=en” target=”_blank”>
http://www.microsoft.com/downloads/details.aspx?FamilyId=E4E0EB80-7395-4C07-BC1D-B187DE541BC2&displaylang=en

来源:US-CERT Vulnerability Note: VU#740716
名称: VU#740716
链接:http://www.kb.cert.org/vuls/id/740716

来源:US-CERT Technical Alert: TA04-104A
名称: TA04-104A
链接:http://www.us-cert.gov/cas/techalerts/TA04-104A.html

来源: XF
名称: msjet-query-execute-code(15703)
链接:http://xforce.iss.net/xforce/xfdb/15703

来源: BID
名称: 10112
链接:http://www.securityfocus.com/bid/10112

来源: MS
名称: MS04-014
链接:http://www.microsoft.com/technet/security/bulletin/ms04-014.asp

来源: US Government Resource: oval:org.mitre.oval:def:968
名称: oval:org.mitre.oval:def:968
链接:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:968