Vulnerability Note VU#542081
Microsoft Windows Data Access Components contains heap overflow in Data Stubs when parsing a malformed HTTP request
A vulnerability in the Microsoft Data Access Components (MDAC) could lead to remote execution of code with the privileges of the current process, or user.
Microsoft Data Access Components (MDAC) is a collection of utilities and routines to process requests between databases and network applications. A buffer overflow vulnerability exists in the Remote Data Services (RDS) component of MDAC.
The RDS component provides an intermediary step for a client's request for service from a back-end database which enables the web site to apply business logic to the request.
A remote attacker could execute arbitrary code with the privileges of the application that processed the request.
Apply a patch from your vendor.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Microsoft Corporation||Affected||20 Nov 2002||20 Nov 2002|
CVSS Metrics (Learn More)
This vulnerability was reported in an advisory by Foundstone and in MS02-065 by Microsoft.
This document was written by Jason A Rafail.
- CVE IDs: CAN-2002-1142
- CERT Advisory: CA-2002-33
- Date Public: 20 Nov 2002
- Date First Published: 20 Nov 2002
- Date Last Updated: 13 Dec 2002
- Severity Metric: 52.58
- Document Revision: 9
If you have feedback, comments, or additional information about this vulnerability, please send us email.