Lucene search
+L

93 matches found

ThreatPost
ThreatPost
added 2011/08/09 8:49 p.m.18 views

Patch Tuesday: Microsoft Releases 13 Bulletins, 2 Critical

Microsoft shipped 13 bulletins in the August edition of Patch Tuesday, including two critical fixes for the Internet Explorer Browser and for Windows DNS Server that the company warns could enable remote attacks. The scheduled monthly update includes a a cumulative security update for Internet...

0.6AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2011/08/09 12:0 a.m.22 views

MS11-059: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2560656)

The version of Microsoft Data Access Components MDAC installed on the remote Windows host is affected by a code execution vulnerability. By tricking a user into opening a legitimate Excel file that is in the same directory as a specially crafted library file, a remote, unauthenticated user could...

9.3CVSS6.5AI score0.42621EPSS
Exploits1References2
NVD
NVD
added 2011/01/12 1:0 a.m.44 views

CVE-2011-0026

Integer signedness error in the SQLConnectW function in an ODBC API odbc32.dll in Microsoft Data Access Components MDAC 2.8 SP1 and SP2, and Windows Data Access Components WDAC 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name DSN and a crafted szDSN...

9.3CVSS7.5AI score0.34399EPSS
Exploits0References10
NVD
NVD
added 2011/01/12 1:0 a.m.27 views

CVE-2011-0027

Microsoft Data Access Components MDAC 2.8 SP1 and SP2, and Windows Data Access Components WDAC 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer...

9.3CVSS7.3AI score0.54372EPSS
Exploits0References11
Prion
Prion
added 2011/01/12 1:0 a.m.28 views

Integer overflow

Integer signedness error in the SQLConnectW function in an ODBC API odbc32.dll in Microsoft Data Access Components MDAC 2.8 SP1 and SP2, and Windows Data Access Components WDAC 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name DSN and a crafted szDSN...

9.3CVSS8.2AI score0.34399EPSS
Exploits0References10Affected Software2
exploitpack
exploitpack
added 2011/01/12 12:0 a.m.48 views

Microsoft Data Access Components - Remote Overflow (MS11-002)

Microsoft Data Access Components - Remote Overflow MS11-002 .body test // This code has been released under the Q Public License by Trolltech // http://en.wikipedia.org/wiki/QPublicLicense // Source: http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/ var StartTime = new Date; var...

0.6AI score
Exploits0
Cvelist
Cvelist
added 2011/01/12 12:0 a.m.38 views

CVE-2011-0027

Microsoft Data Access Components MDAC 2.8 SP1 and SP2, and Windows Data Access Components WDAC 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer...

7.3AI score0.54372EPSS
Exploits0References11
CVE
CVE
added 2011/01/12 12:0 a.m.68 views

CVE-2011-0027

CVE-2011-0027 concerns Microsoft Data Access Components (MDAC) 2.8 SP1/SP2 and Windows Data Access Components (WDAC) 6.0, where memory allocation for internal data structures is not properly validated. According to MS11-002, a remote attacker could trigger a code execution by a user viewing a cra...

9.3CVSS7.5AI score0.54372EPSS
Exploits0References11Affected Software1
Packet Storm
Packet Storm
added 2011/01/12 12:0 a.m.26 views

Microsoft Data Access Components Vulnerability

.body test // This code has been released under the Q Public License by Trolltech // http://en.wikipedia.org/wiki/QPublicLicense // Source: http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/ var StartTime = new Date; var FinalHeapSpraySize = 900; //var SmallHoleSize = 0x1F0; var...

1AI score
Exploits0
OpenVAS
OpenVAS
added 2011/01/12 12:0 a.m.31 views

Microsoft Windows Data Access Components Remote Code Execution Vulnerabilities (2451910)

This host is missing a critical security update according to Microsoft Bulletin MS11-002. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5AI score0.54372EPSS
Exploits0References7
Exploit DB
Exploit DB
added 2011/01/12 12:0 a.m.50 views

Microsoft Data Access Components - Remote Overflow (MS11-002)

.body test // This code has been released under the Q Public License by Trolltech // http://en.wikipedia.org/wiki/QPublicLicense // Source: http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/ var StartTime = new Date; var FinalHeapSpraySize = 900; //var SmallHoleSize = 0x1F0; var...

7.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2011/01/11 12:0 a.m.42 views

Microsoft Data Access Components CacheSize Memory Corruption (MS11-002; CVE-2011-0027)

Microsoft Data Access Components MDAC is a collection of components that make it easy for programs to access databases and then to manipulate the data within them. MDAC provides a consolidated set of functions for working with different kinds of data sources in a consistent manner The vulnerabili...

9.3CVSS6AI score0.54372EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2011/01/11 12:0 a.m.9 views

PT-2011-2023 · Microsoft · Data Access Components +1

Name of the Vulnerable Software and Affected Versions: Microsoft Data Access Components MDAC versions 2.8 SP1 through 2.8 SP2 Windows Data Access Components WDAC version 6.0 Description: The issue is related to an integer signedness error in the SQLConnectW function within the odbc32.dll of...

9.3CVSS7.8AI score0.34399EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2011/01/11 12:0 a.m.42 views

MS11-002: Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910)

The version of Microsoft Data Access Components MDAC installed on the remote Windows host is affected by two vulnerabilities, which could allow arbitrary code execution if a user views a specially crafted web page: - A buffer overflow in the Open Database Connectivity ODBC API used by third-party...

9.3CVSS6.7AI score0.54372EPSS
Exploits0References5
Symantec
Symantec
added 2011/01/11 12:0 a.m.30 views

Microsoft Data Access Components Data Source Name Buffer Overflow Vulnerability

Description Microsoft Data Access Components MDAC are prone to a buffer-overflow vulnerability because they fail to properly bounds-check user-supplied data. Successful exploits will allow an attacker to run arbitrary code in the context of the user running the application. Failed attacks will...

7.8AI score
Exploits0Affected Software6
Zero Day Initiative
Zero Day Initiative
added 2011/01/11 12:0 a.m.44 views

Microsoft Data Access Components DSN Overflow Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Data Access Components. The vulnerability is present in an API call and as such successful exploitation will depend on an application's implementation of this call. The specific flaw exists with...

10CVSS2.8AI score0.34399EPSS
Exploits0References1
0day.today
0day.today
added 2011/01/10 12:0 a.m.48 views

MS11-002: Microsoft Data Access Components Vulnerability

Exploit for windows platform in category remote exploits .body test // This code has been released under the Q Public License by Trolltech // http://en.wikipedia.org/wiki/QPublicLicense // Source: http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/ var StartTime = new Date; var...

7.1AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2010/05/01 12:0 a.m.4 views

VulnCheck KEV: CVE-2006-5559

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects ADODB.Connection.2.7 and ADODB.Connection.2.8 in the Microsoft Data Access Components MDAC 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows...

9.3CVSS5.8AI score0.43785EPSS
Exploits1References1
VulnCheck KEV
VulnCheck KEV
added 2010/05/01 12:0 a.m.13 views

VulnCheck KEV: CVE-2006-0003

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects ADO and distributed in Microsoft Data Access Components MDAC 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors...

5.1CVSS7.8AI score0.825EPSS
Exploits6References1
Symantec
Symantec
added 2010/03/24 12:0 a.m.16 views

Microsoft Data Access Components ActiveX Data Objects Memory Corruption Vulnerability

Description Microsoft Data Access Components are prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the...

0.6AI score
Exploits0References5Affected Software7
Rows per page
Query Builder