Microsoft Access Snapshot Viewer ActiveX Control Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 8 Jul 2008 4611 Views

RISK: Medium Risk

Medium Risk

A vulnerability has been identified in the Snapshot Viewer for Microsoft Access, which could be exploited by remote attackers to take complete control of an affected system. This issue is caused by a design error in the "snapview.ocx" ActiveX control that does not restrict access to certain methods, which could be exploited by attackers to download files to arbitrary locations on a vulnerable system by tricking a user into visiting a specially crafted web page.

Note: This vulnerability is currently being exploited in the wild.

Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Office Access 2000
  • Microsoft Office Access 2002
  • Microsoft Office Access 2003
  • Microsoft Access Snapshot Viewer

Solutions

There is no patch available for this vulnerability currently.

Please consider the workaround provided by the vendor.
http://www.microsoft.com/technet/security/advisory/955179.mspx

Vulnerability Identifier

Source

Related Link

Share with

Previous

Opera for Windows Unspecified Code Execution Vulnerability

3 Jul 2008 4722 Views

Next

Microsoft Outlook Web Access for Exchange Server Multiple Cross-Site Scripting Vulnerabilities( 09 July 2008 )

9 Jul 2008 4560 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY