Tag
#Security Vulnerability
**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited the vulnerability could potentially read small portions of heap memory.
**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the permission level at which Access is running.
**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by tricking an authenticated user into opening a malicious MDB file in Access via ODBC, which could result in the attacker being able to execute arbitrary code on the victim's machine with the permission level at which Access is running.
**How could an attacker exploit this vulnerability?** An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation.
**How could an attacker exploit this vulnerability?** An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable a remote code execution exploitation.
**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have be enticed to open a malicious file in a directory. Users should never open anything that they do not know or trust to be safe.
**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could view the data protection API (DPAPI) master key.
**What security feature could be bypassed by this vulnerability?** An attacker who successfully exploited this could bypass the Network Device Enrollment (NDES) Services' cryptographic service provider.
**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
**What privileges could an attacker gain?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.