CVE-2011-0027
Last modified
CVE-2011-0027 is a vulnerability of currently unknown severity. Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.. EPSS estimates a 54.37% chance of exploitation in the next 30 days.
Description
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Microsoft | Data Access Components | 2.8 | Sp1 |
| Microsoft | Windows Data Access Components | 6.0 | — |
References
- http://secunia.com/advisories/42804Vendor Advisory
- http://www.us-cert.gov/cas/techalerts/TA11-011A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2011/0075Vendor Advisory
- http://secunia.com/advisories/42804Vendor Advisory
- http://www.us-cert.gov/cas/techalerts/TA11-011A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2011/0075Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2011-0027?
How severe is CVE-2011-0027?
How do I fix CVE-2011-0027?
Are you affected by CVE-2011-0027?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST