CVE-2007-6026

EXPLOITED

Microsoft msjet40.dll <4.0.8618.0 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2007-6026 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including cocoruder.

AI-analyzed exploit summary The provided text describes a vulnerability in Microsoft Jet Engine but does not include actual exploit code. Instead, it directs users to download an external file, which is a common tactic for suspicious or malicious repositories.

Description

Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944.

Exploits (1)

exploitdb SUSPICIOUS VERIFIED
by cocoruder · textlocalwindows
https://www.exploit-db.com/exploits/4625

The provided text describes a vulnerability in Microsoft Jet Engine but does not include actual exploit code. Instead, it directs users to download an external file, which is a common tactic for suspicious or malicious repositories.

Classification
Suspicious 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Theoretical
Target: Microsoft Office Access 2003 SP3 on Windows XP SP2
No auth needed
Prerequisites: User interaction to open a malicious MDB file
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (18)

Core 18
Core References
Vendor Advisory x_refsource_misc
http://dvlabs.tippingpoint.com/advisory/TPTI-08-04
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/936529
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483858/100/100/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483888/100/100/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3376
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5578
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/492019/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/28398
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=121129490723574&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26468
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483887/100/100/threaded
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA08-134A.html
Various Sources x_refsource_misc
http://ruder.cdut.net/blogview.asp?logID=227
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018976
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38499
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/483797/100/0/threaded

Scores

EPSS 0.8082
EPSS Percentile 99.2%

Details

VulnCheck KEV 2008-05-13
CWE
CWE-119
Status published
Products (6)
microsoft/jet 4.0.8618.0
microsoft/office 2003 sp3
microsoft/windows_2000
microsoft/windows_2003_server
microsoft/windows_nt 4.0
microsoft/windows_xp
Published Nov 20, 2007
Tracked Since Feb 18, 2026