Microsoft Windows JET Database Engine is prone to a remote code-execution vulnerability.
Attackers can exploit this issue to execute arbitrary code in the context of the current process. Failed attacks will cause denial-of-service conditions.
Information
Exploit
The researcher who discovered this issue has created a proof-of-concept. Please see the references for more information.
References:
- Microsoft Homepage (Microsoft)
- (0Day) Microsoft Windows Jet Database Engine Out-Of-Bounds Write Remote Code Exe (Zero Day Initiative)
- ZDI-CAN-6135: A REMOTE CODE EXECUTION VULNERABILITY IN THE MICROSOFT WINDOWS (Zero Day Initiative)