Issue
A problem exists within some versions of Microsoft's Access database,
in particular the Jet v3.5 database engine. By spoofing events from
BlackICE agents with appropriate authentication information, a hacker
can craft data that will be placed in the database in such a way
that commands can be executed.
This is only a problem with installations using the Access/Jet engine.
ICEcap includes code for the Access/Jet engine for demo/evaluation
purposes, but MS SQL is recommended for long-term use. The Jet
engine doesn't provide the scalability of a full SQL database, and
is therefore not officially supported.
Affected Software Versions
ICEcap version 2.0.23 and below when installed with the "Access" database option.
Solution
If you have version 2.0.23 or below, upgrade to the patched version described in
KB article q000167.
Updating the Jet database or moving to SQL Server will also solve this issue.
More Information
A description of the Jet vulnerability can be found at
http://www.microsoft.com/technet/security/bulletin/ms99-030.asp.
Security information about Network ICE's products can be found at
http://advice.networkice.com/advice/Support/Security.
Acknowledgements
Network ICE would like to thank rain.forest.puppy for bringing this issue to
our attention and working with us to protect our customers.