OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Re: [HV-HIGH] Microsoft Jet DB engine vulnerabilities

From: Steve Shockley (steve.shockleyshockley.net)
Date: Sun Apr 03 2005 - 12:13:14 CDT


Denis Jedig wrote:
> Newer Access versions throw a security warning if the VBA code is not
> signed and let the user disable VBA execution. The issue highlighted by
> hexview is able to circumvent this security-related feature.

Access 2003 on WinXP SP2 throws a security warning when I open any
Access file, even one without VBA. I believe that's new with WinXP SP2.