MS03-038 Bulletin Details
Bulletin ID MS03-038
Title Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code Execution (827104)
Summary With Microsoft Access Snapshot Viewer, you can distribute a snapshot of a Microsoft Access database that allows the snapshot to be viewed without having Access installed. For example, a customer may want to send a supplier an invoice that is generated by using an Access database.?With Microsoft Access Snapshot Viewer, the customer can package the database so that the supplier can view it and print it without having Access installed. By default, the Microsoft Access Snapshot Viewer is installed with all versions of Access and is also available as a separate stand-alone download. The Snapshot Viewer is implemented by using an ActiveX control.

A vulnerability exists because of a flaw in the way that Snapshot Viewer validates parameters. Because the parameters are not correctly checked, a buffer overrun can occur, which could allow an attacker to execute the code of their choice in the security context of the logged-on user.

For an attack to be successful, an attacker would have to persuade a user to visit a malicious Web site that is under the attacker's control.
Knowledgebase 827104

List of Patches

S.No Patch Name Severity
1officexp-kb826293-client-enu.exeModerate

Disclaimer: This webpage is intended to provide you information about patch announcement for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors websites. You can get more information by clicking the links to visit the relevant pages on the vendors website.