The OVAL Repository5.102015-09-03T08:46:13.077-04:00Access ActiveX Control VulnerabilityMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows 7Microsoft Access 2003Microsoft Access 2007The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 and SP2 do not properly interact with the memory-allocation approach used by Internet Explorer during instantiation, which allows remote attackers to execute arbitrary code via a web site that references multiple ActiveX controls, as demonstrated by the ImexGrid and FieldList controls, aka "Access ActiveX Control Vulnerability."Dragos PrisacaDRAFTINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDMaria KedovskayaINTERIMACCEPTEDACCEPTEDMicrosoft Access 2007 is installedMicrosoft Windows 2000Microsoft Windows XPMicrosoft Windows Server 2003Microsoft Windows Server 2008Microsoft Windows VistaMicrosoft Windows 7Microsoft Windows 8Microsoft Office Access 2007The application Microsoft Access 2007 is installed.Dragos PrisacaDRAFTINTERIMACCEPTEDShane ShafferINTERIMACCEPTEDSharath SINTERIMACCEPTEDACCEPTEDMSACCESS.EXEHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\12.0\Access\InstallRootPathAccwiz.dllMSACCESS.EXEHKEY_LOCAL_MACHINESOFTWARE\Microsoft\Office\11.0\Access\InstallRootPath13.0.0.012.0.0.012.0.6535.500511.0.8325.011.0.8166.0