PT-2002-2141 · Microsoft · Data Access Components+2

Published

2002-11-29

Updated

2021-07-23

CVE-2002-1142

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Microsoft Data Access Components (MDAC) versions 2.1 through 2.6 Internet Explorer versions 5.01 through 6.0

Description: A heap-based buffer overflow in the Remote Data Services (RDS) component allows remote attackers to execute code via a malformed HTTP request to the Data Stub.

Recommendations: For Microsoft Data Access Components (MDAC) versions 2.1 through 2.6, update to a version that is not affected by this issue. For Internet Explorer versions 5.01 through 6.0, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the RDS component to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1142

Affected Products

Internet Explorer

Data Access Components

Remote Data Services

PT-2002-2141 · Microsoft · Data Access Components+2

CVE-2002-1142

Related Identifiers

Affected Products

References · 14