Microsoft Access vulnerabilities

CVE-2008-1200 [CRITICAL] CVE-2008-1200: Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbit Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbitrary code via a crafted .MDB file, possibly related to Jet Engine (msjet40.dll). NOTE: this is probably a different issue than CVE-2007-6026.

CVE-2007-0671 [HIGH] CVE-2007-0671: Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Of Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

CVE-2006-3877 [CRITICAL] CVE-2006-3877: Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2 Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.

CVE-2003-0665 [HIGH] CVE-2003-0665: Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control.

CVE-2000-0788 [CRITICAL] CVE-2000-0788: The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) s The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands.

CVE-2000-0419 [HIGH] CVE-2000-0419: The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.

CVE-1999-0364 [CRITICAL] CVE-1999-0364: Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to dat Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data.