Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910) |
Informations | |||
---|---|---|---|
Name | MS11-002 | First vendor Publication | 2011-01-11 |
Vendor | Microsoft | Last vendor Modification | 2011-01-11 |
Severity (Vendor) | Critical | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.0 (January 11, 2011): Bulletin published.Summary: This security update resolves two privately reported vulnerabilities in Microsoft Data Access Components. The vulnerabilities could allow remote code execution if a user views a specially crafted Web page. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS11-002.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
50 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:12333 | |||
Oval ID: | oval:org.mitre.oval:def:12333 | ||
Title: | DSN Overflow Vulnerability | ||
Description: | Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) and a crafted szDSN argument, which bypasses a signed comparison and leads to a buffer overflow, aka "DSN Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0026 | Version: | 13 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Data Access Components |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:12411 | |||
Oval ID: | oval:org.mitre.oval:def:12411 | ||
Title: | ADO Record Memory Vulnerability | ||
Description: | Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2011-0027 | Version: | 11 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows 7 | Product(s): | Microsoft Data Access Components |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 | |
Application | 1 |
ExploitDB Exploits
id | Description |
---|---|
2011-01-12 | MS11-002: Microsoft Data Access Components Vulnerability |
OpenVAS Exploits
Date | Description |
---|---|
2011-01-12 | Name : Microsoft Windows Data Access Components Remote Code Execution Vulnerabilitie... File : nvt/secpod_ms11-002.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
70444 | Microsoft Data Access Components (MDAC / WDAC) MSADO Record CacheSize Handlin... Microsoft Data Access Components and Windows Data Access Components fail to properly validate memory allocation for internal data structures. This may allow a remote attacker to execute arbitrary code via a large CacheSize property that triggers an integer wrap and buffer overflow. |
70443 | Microsoft Data Access Components (MDAC / WDAC) ODBC API (odbc32.dll) SQLConne... Microsoft Data Access Components and Windows Data Access Components are prone to an overflow condition. The 'SQLConnectW' function fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted long string in the Data Source Name and a crafted szDSN argument, a remote attacker can potentially execute arbitrary code. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-01-13 | IAVM : 2011-A-0004 - Microsoft Data Access Components Remote Code Execution Vulnerabilities Severity : Category II - VMSKEY : V0025887 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-12-16 | Microsoft Internet Explorer style sheet array memory corruption attempt RuleID : 32532 - Revision : 3 - Type : BROWSER-IE |
2014-01-10 | Microsoft Internet Explorer oversize recordset object cache size exploit attempt RuleID : 18280 - Revision : 15 - Type : BROWSER-IE |
2014-01-10 | Microsoft Data Access Components library attempt RuleID : 18276 - Revision : 11 - Type : FILE-OTHER |
2014-01-10 | Microsoft Internet Explorer style sheet array memory corruption attempt RuleID : 16659 - Revision : 17 - Type : BROWSER-IE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-01-11 | Name : Arbitrary code can be executed on the remote host through Microsoft Data Acce... File : smb_nt_ms11-002.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-12-16 21:23:22 |
|
2014-02-17 11:46:50 |
|
2014-01-19 21:30:35 |
|
2013-11-11 12:41:20 |
|