Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Subject: FW: Microsoft Internet Explorer 5.01 and Access 2000 VBA Code Exe cuti on Vulnerability
From: Walton, Keith (WaltonKOCIT.CO.SACRAMENTO.CA.US)
Date: Fri Jun 30 2000 - 11:46:33 CDT
- Next message: Mike Eldridge: "Re: ftpd: the advisory version"
- Previous message: Paul Starzetz: "Re: Buggy ARP handling in Windoze"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
See bottom of message for a workaround for this vulnerability.
From: Jensenne Roculan [mailto:jroculansecurityfocus.com]
Sent: Friday, June 30, 2000 9:30 AM
To: Walton, Keith
Subject: Re: Microsoft Internet Explorer 5.01 and Access 2000 VBA Code
Executi on Vulnerability
Hi there Keith,
Thanks very much for the information. You may want to post your
workaround to bugtraq (bugtraqsecurityfocus.com). I tried this with
WinNT 4.0 and it seems to work, have you verified on Win 98?
(403) 213-3939 ext. 229
On Thu, 29 Jun 2000, Walton, Keith wrote:
> Assigning a password to the Administrator user in Access 2000 will help
> protect against this vulnerability. It will at least bring up a login
> when it tries to open the database.
> By the way, this flaw also works with Visio 2000. I don't know of any way
> protect against this one.
> KeithWalton.net <mailto:KeithWalton.net>