7 results (0.006 seconds)

CVSS: 9.3EPSS: 96%CPEs: 13EXPL: 3

CVE-2006-5559 – Microsoft Internet Explorer - ADODB Execute Denial of Service (PoC)

https://notcve.org/view.php?id=CVE-2006-5559

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments. El objeto de control ActiveX ADODB.Connection 2.7 (ADODB.Connection.2.7) permite a atacantes remotos provocar una denegación de servicio (caída de Internet Explorer) mediante argumentos largos para la función Execute. • https://www.exploit-db.com/exploits/2629 http://blogs.technet.com/msrc/archive/2006/10/27/adodb-connection-poc-published.aspx http://research.eeye.com/html/alerts/zeroday/20061027.html http://secunia.com/advisories/22452 http://securitytracker.com/id?1017127 http://www.kb.cert.org/vuls/id/589272 http://www.osvdb.org/31882 http://www.securityfocus.com/bid/20704 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0578 • CWE-20: Improper Input Validation •

CVSS: 5.1EPSS: 96%CPEs: 6EXPL: 3

CVE-2006-0003 – Microsoft Internet Explorer - 'MDAC' Remote Code Execution (MS06-014)

https://notcve.org/view.php?id=CVE-2006-0003

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors. • https://www.exploit-db.com/exploits/2164 https://www.exploit-db.com/exploits/16561 https://www.exploit-db.com/exploits/2052 http://secunia.com/advisories/19583 http://secunia.com/advisories/20719 http://securitytracker.com/id?1015894 http://www.hitachi-support.com/security_e/vuls_e/HS06-013_e/01-e.html http://www.hitachi-support.com/security_e/vuls_e/HS06-013_e/index-e.html http://www.kb.cert.org/vuls/id/234812 http://www.osvdb.org/24517 http:/ •

CVSS: 10.0EPSS: 42%CPEs: 4EXPL: 0

CVE-2003-0903

https://notcve.org/view.php?id=CVE-2003-0903

Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request. Desbordamiento de búfer en un componente de Microsoft Data Access Components (MDAC) 2.5 a 2.8 permite a atacantes remotos ejecutar código arbitrario mediante una respuesta UDP malformada a una petición de difusión. • http://www.kb.cert.org/vuls/id/139150 http://www.osvdb.org/3457 http://www.securityfocus.com/bid/9407 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-003 https://exchange.xforce.ibmcloud.com/vulnerabilities/14187 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A525 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A553 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 11%CPEs: 15EXPL: 0

CVE-2003-0353

https://notcve.org/view.php?id=CVE-2003-0353

Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434. Desbordamientos de búfer en cierto componente de Microsoft Data Access Components (MDAC) 2.5 a 2.7 permite a atacantes remotos ejecutar código arbitrario mediante una cierta respuesta a una dirección de multidifusión. • http://marc.info/?l=bugtraq&m=106149556627778&w=2 http://marc.info/?l=ntbugtraq&m=106251069107953&w=2 http://www.securityfocus.com/bid/8455 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-033 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1039 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6954 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A961 http •

CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 0

CVE-2002-1918

https://notcve.org/view.php?id=CVE-2002-1918

Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remote attackers to have unknown impact with unknown attack vectors. NOTE: due to the lack of details available regarding this issue, perhaps it should be REJECTED. • http://www.nextgenss.com/vna/ms-ado.txt http://www.securityfocus.com/bid/4849 https://exchange.xforce.ibmcloud.com/vulnerabilities/10186 •