CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
94.1%
Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | data_access_components | 1.5 | cpe:2.3:a:microsoft:data_access_components:1.5:*:*:*:*:*:*:* |
microsoft | data_access_components | 2.0 | cpe:2.3:a:microsoft:data_access_components:2.0:*:*:*:*:*:*:* |
microsoft | data_access_components | 2.1 | cpe:2.3:a:microsoft:data_access_components:2.1:*:*:*:*:*:*:* |
microsoft | data_access_components | 2.1.1.3711.11 | cpe:2.3:a:microsoft:data_access_components:2.1.1.3711.11:ga:*:*:*:*:*:* |
microsoft | data_access_components | 2.5 | cpe:2.3:a:microsoft:data_access_components:2.5:*:*:*:*:*:*:* |
microsoft | data_access_components | 2.5 | cpe:2.3:a:microsoft:data_access_components:2.5:gold:*:*:*:*:*:* |
microsoft | data_access_components | 2.5 | cpe:2.3:a:microsoft:data_access_components:2.5:sp1:*:*:*:*:*:* |
microsoft | data_access_components | 2.5 | cpe:2.3:a:microsoft:data_access_components:2.5:sp2:*:*:*:*:*:* |
microsoft | data_access_components | 2.6 | cpe:2.3:a:microsoft:data_access_components:2.6:*:*:*:*:*:*:* |
microsoft | data_access_components | 2.6 | cpe:2.3:a:microsoft:data_access_components:2.6:gold:*:*:*:*:*:* |