The OVAL Repository5.102015-09-03T08:45:10.807-04:00Access ActiveX Control VulnerabilityMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows 7Microsoft Access 2003Microsoft Access 2007The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 and SP2 do not properly interact with the memory-allocation approach used by Internet Explorer during instantiation, which allows remote attackers to execute arbitrary code via a web site that references multiple ActiveX controls, as demonstrated by the ImexGrid and FieldList controls, aka "Access ActiveX Control Vulnerability."Dragos PrisacaDRAFTINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Access 2007 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Office Access 2007The application Microsoft Access 2007 is installed.Dragos PrisacaDRAFTINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDSharath SINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Adobe Reader 11.0.02 allows remote attackers to execute arbitrary code via vectors related to a "break into the sandbox," as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013.Microsoft Windows 8Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows Server 2008Microsoft Windows Server 2003 R2Microsoft Windows XPAdobe ReaderUnspecified vulnerability in Adobe Reader 11.0.02 allows remote attackers to execute arbitrary code via vectors related to a "break into the sandbox," as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDUnspecified vulnerability in Adobe Reader 11.0.02 allows attackers to bypass the sandbox protection mechanism via unknown vectors, as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013.Microsoft Windows 8Microsoft Windows 7Microsoft Windows Server 2008 R2Microsoft Windows Server 2008Microsoft Windows Server 2003 R2Microsoft Windows XPAdobe ReaderUnspecified vulnerability in Adobe Reader 11.0.02 allows attackers to bypass the sandbox protection mechanism via unknown vectors, as demonstrated by George Hotz during a Pwn2Own competition at CanSecWest 2013.Sergey ArtykhovDRAFTINTERIMACCEPTEDACCEPTEDAdobe Reader 11.x is installedMicrosoft Windows 2000Microsoft Windows 7Microsoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows Server 2008 R2Microsoft Windows VistaMicrosoft Windows XPMicrosoft Windows 8Microsoft Windows Server 2012Adobe ReaderAdobe Reader 11.x is installedShane ShafferDRAFTINTERIMShane ShafferACCEPTEDJonathan BakerINTERIMACCEPTEDACCEPTEDMSACCESS.EXEHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\12.0\Access\InstallRootPathAccwiz.dllMSACCESS.EXEHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\11.0\Access\InstallRootPathHKEY_LOCAL_MACHINEDisplayVersionHKEY_LOCAL_MACHINESOFTWARE\Adobe\Acrobat Reader\11.0\InstallerENU_GUID13.0.0.012.0.0.012.0.6535.500511.0.8325.011.0.8166.0^11\..*$11.0.02SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\