CVSS2

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |
Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |

AI Score Confidence: High

EPSS Percentile: 99.7%

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments.
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | windows_2000 | * | cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:* |
microsoft | data_access_components | 2.5 | cpe:2.3:a:microsoft:data_access_components:2.5:sp3:*:*:*:*:*:* |
microsoft | windows_xp | * | cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:* |
microsoft | data_access_components | 2.8 | cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:* |
microsoft | windows_2003_server | * | cpe:2.3:o:microsoft:windows_2003_server:*:*:*:*:*:*:*:* |
microsoft | windows_2003_server | itanium | cpe:2.3:o:microsoft:windows_2003_server:itanium:*:*:*:*:*:*:* |
microsoft | data_access_components | 2.8 | cpe:2.3:a:microsoft:data_access_components:2.8:*:*:*:*:*:*:* |
microsoft | data_access_components | 2.7 | cpe:2.3:a:microsoft:data_access_components:2.7:sp1:*:*:*:*:*:* |

blogs.technet.com/msrc/archive/2006/10/27/adodb-connection-poc-published.aspx
research.eeye.com/html/alerts/zeroday/20061027.html
secunia.com/advisories/22452
securitytracker.com/id?1017127
www.kb.cert.org/vuls/id/589272
www.osvdb.org/31882
www.securityfocus.com/bid/20704
www.us-cert.gov/cas/techalerts/TA07-044A.html
www.vupen.com/english/advisories/2007/0578
docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-009
exchange.xforce.ibmcloud.com/vulnerabilities/29837
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A214