Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-0895: Jet Database Engine Remote Code Execution Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft CVE-2019-0895: Jet Database Engine Remote Code Execution Vulnerability

Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
05/14/2019
Created
05/15/2019
Added
05/14/2019
Modified
11/18/2021

Description

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.

Solution(s)

  • msft-kb4494440-4091b3b1-890f-4344-bf2c-cd6cc084a9a6
  • msft-kb4494440-db85a23a-f0f7-466e-ad06-73387fea46dd
  • msft-kb4494440-dd00e364-6182-4eb3-b4b3-49d6ca3f9d98
  • msft-kb4494441-49a84799-4aea-43e3-b297-d9b34762ce6b
  • msft-kb4494441-5d824d81-f71c-4236-b44a-b1d3d3afac45
  • msft-kb4494441-e34205a2-3739-4b7c-b792-22bc71890ca9
  • msft-kb4497936-0e57e7d4-5e8c-4c73-8998-9bbb32563e02
  • msft-kb4497936-10429ff2-9c14-4fb1-abdc-a105642cb1ad
  • msft-kb4497936-1d1a728c-a4f7-4574-8d1d-13011eef32eb
  • msft-kb4499154-44b16b5f-7af4-4d44-8f11-d890d152c2f7
  • msft-kb4499154-c266a444-9a8f-49cc-a989-767936db38ab
  • msft-kb4499158-93082475-fee3-46cf-8c33-1d26b56c536f
  • msft-kb4499158-abe3070b-cf0f-460c-aa3e-facb04627dfa
  • msft-kb4499158-b4ae50b9-4f14-4eaf-8574-6b7a66beb9cb
  • msft-kb4499165-4b02df8e-e169-4d3a-a07e-bff78bc2efe3
  • msft-kb4499165-770814d7-311f-4093-a9b4-a42b90c29a13
  • msft-kb4499165-b6296768-ff16-4e28-aa22-9e8938569154
  • msft-kb4499167-02d7f039-e9d8-44a4-991c-7f0018dbb17b
  • msft-kb4499167-2ea0586a-8e8e-4677-bcd7-0d821e1f3e9c
  • msft-kb4499167-426f16ec-8a9b-4c38-a4f9-c018371d51cb
  • msft-kb4499175-5e4e9777-acaf-4485-b181-342ed54243e0
  • msft-kb4499175-80f959d7-d6e8-444f-a157-d96e403b7cd7
  • msft-kb4499175-b2b4e1dd-97d2-4352-b3c6-e8b8ceefeeea
  • msft-kb4499175-c723d22f-c1f5-4e53-973c-5991b24ddd48
  • msft-kb4499175-e833c2ff-5588-4831-a96b-9fffb35bf3ce
  • msft-kb4499175-f655d609-7d57-4c77-9e8a-a59a2dbeaa80
  • msft-kb4499179-7f17fdb3-7c5e-44c1-b12c-bc57af632380
  • msft-kb4499179-b166ef22-f8fd-4be4-b577-5dd5e689c5e9
  • msft-kb4499180-35b41bba-4719-4a94-a669-6aeed5e13763
  • msft-kb4499180-a933ba63-a19e-453b-af10-eb3bfcd1b425
  • msft-kb4499180-e2f52ce9-61fa-4a6a-aa5a-43a2a91be450
  • msft-kb4499181-78d037a2-ac8c-4a2a-a2dd-4d706c402d25
  • msft-kb4499181-acf8762b-9546-4a51-8e26-d5790de3c4ab

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;