A vulnerability in the Microsoft Data Access Components (MDAC) could lead to remote execution of code with the privileges of the current process, or user.
Microsoft Data Access Components (MDAC) is a collection of utilities and routines to process requests between databases and network applications. A buffer overflow vulnerability exists in the Remote Data Services (RDS) component of MDAC.
The RDS component provides an intermediary step for a client's request for service from a back-end database which enables the web site to apply business logic to the request.
A remote attacker could execute arbitrary code with the privileges of the application that processed the request.
Apply a patch from your vendor.
This vulnerability was reported in an advisory by Foundstone and in MS02-065 by Microsoft.
This document was written by Jason A Rafail.