CVE-2005-0944

Microsoft Jet DB engine <4.00.8618.0 - RCE

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2005-0944. PoCs published by Jean Luc, Tal Zeltzer, Stuart Pearson.

AI-analyzed exploit summary This exploit targets a vulnerability in Microsoft Jet Database Engine (msjet40.dll) by crafting a malicious MDB file header and body, leveraging a JMP EDX instruction to redirect execution to shellcode. The shellcode establishes a reverse shell connection, demonstrating remote code execution (RCE).

Description

Unknown vulnerability in Microsoft Jet DB engine (msjet40.dll) 4.00.8618.0, related to insufficient data validation, allows remote attackers to execute arbitrary code via a crafted mdb file.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Jean Luc · pythonlocalwindows
https://www.exploit-db.com/exploits/951

This exploit targets a vulnerability in Microsoft Jet Database Engine (msjet40.dll) by crafting a malicious MDB file header and body, leveraging a JMP EDX instruction to redirect execution to shellcode. The shellcode establishes a reverse shell connection, demonstrating remote code execution (RCE).

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Jet Database Engine (msjet40.dll) in Microsoft Access 2000/2002/2003
No auth needed
Prerequisites: Victim must open the malicious MDB file · Target system must be running a vulnerable version of Microsoft Access
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Tal Zeltzer · pythonlocalwindows
https://www.exploit-db.com/exploits/929

This is a functional exploit for CVE-2005-0944 targeting Microsoft Jet Database Engine (msjet40.dll). It leverages a buffer overflow vulnerability to execute a reverse shell payload, with a crafted MDB file header and body to trigger the exploit.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Jet Database Engine (msjet40.dll) on Windows XP SP1
No auth needed
Prerequisites: Target system running Windows XP SP1 with vulnerable msjet40.dll · Network connectivity for reverse shell callback
devstral-2 · analyzed Feb 18, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Stuart Pearson · clocalwindows
https://www.exploit-db.com/exploits/927

This exploit targets a vulnerability in Microsoft Jet Database Engine (msjet40.dll) by crafting a malicious .mdb file. It leverages a signed expansion issue to control EIP and execute arbitrary shellcode, ultimately launching calc.exe.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Jet Database Engine (msjet40.dll) in Microsoft Access 2000/2002/2003
No auth needed
Prerequisites: Victim must open the malicious .mdb file · Specific versions of Microsoft Access installed
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/442610/100/100/threaded
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=111231465920199&w=2
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/442446/100/100/threaded
Vendor Advisory x_refsource_misc
http://www.hexview.com/docs/20050331-1.txt
Various Sources x_refsource_misc
http://blogs.securiteam.com/?p=535
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/176380

Scores

EPSS 0.3402
EPSS Percentile 98.2%

Details

Status published
Products (1)
microsoft/jet < 4.0.8618.0
Published May 02, 2005
Tracked Since Feb 18, 2026