Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.1
CVSSv2

CVE-2006-0003

Published: 12/04/2006 Updated: 19/10/2018
CVSS v2 Base Score: 5.1 | Impact Score: 6.4 | Exploitability Score: 4.9
VMScore: 525
Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P
Subscribe to Data Access Components

Vulnerability Summary

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote malicious users to execute arbitrary code via unknown attack vectors.

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft data access components 2.5

microsoft data access components 2.8

microsoft data access components 2.7

Exploits

Exploit DB: Microsoft Internet Explorer - COM CreateObject Code Execution (MS06-014/MS06-073) (Metasploit)
## # $Id: ie_createobjectrb 10394 2010-09-20 08:06:27Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class ...
Exploit DB: Microsoft Internet Explorer - MDAC Remote Code Execution (MS06-014)
#!/bin/sh - "exec" "python" "-O" "$0" "$@" __doc__ = """[BL4CK] - MS06-014 RDSDataStore - Data Execution CVS-2006-0003 MS06-014 April 2006 *** this is a bit out-dated, but works very well *** Usage: /bl4ck_ms06_014py omfgwhathost/~user/stage2exe indexhtml Now upload indexhtml to the same webserver hosting your omfgwhat ...
Exploit DB: Microsoft Internet Explorer - 'MDAC' Remote Code Execution (MS06-014) (Metasploit) (2)
## # This file is part of the Metasploit Framework and may be redistributed # according to the licenses defined in the Authors field below In the # case of an unknown or missing license, this file defaults to the same # license as the core Framework (dual GPLv2 and Artistic) The latest # version of the Framework can always be obtained from metasp ...

Recent Articles

End of the Line for the Bredolab Botnet?
Securelist • Alexei Kadiev • 20 Dec 2010

On 25 October 2010, the Dutch police force’s Cybercrime Department announced the shutdown of 143 Bredolab botnet control servers. The next day at Armenia’s Yerevan international airport, one of those formerly responsible for running the botnet was arrested. While it is certainly possible that this marked the end of Bredolab, the technologies behind it remain and can, unfortunately, still be used to create new botnets. Malicious programs from the Backdoor.Win32.Bredolab family were first dete...

Read more...
Monthly Malware Statistics: February 2010
Securelist • Eugene Aseev • 08 Mar 2010

The first Top Twenty lists malicious programs, adware and potentially unwanted programs that were detected and neutralized when accessed for the first time, i.e. by the on-access scanner. There was no change to the top 5 malicious programs this month and judging by the number of infections, the Kido epidemic has eased off slightly. Exploit.JS.Aurora.a, which, as its name suggests, is a program designed to take advantage of vulnerabilities in a variety of software products. This exploit was widel...

Read more...

References

NVD-CWE-noinfohttp://www.us-cert.gov/cas/techalerts/TA06-101A.htmlhttp://www.kb.cert.org/vuls/id/234812http://www.securityfocus.com/bid/17462http://secunia.com/advisories/19583http://securitytracker.com/id?1015894http://www.hitachi-support.com/security_e/vuls_e/HS06-013_e/01-e.htmlhttp://www.hitachi-support.com/security_e/vuls_e/HS06-013_e/index-e.htmlhttp://secunia.com/advisories/20719http://www.osvdb.org/24517http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdfhttp://www.securityfocus.com/bid/20797http://www.vupen.com/english/advisories/2006/1319http://www.vupen.com/english/advisories/2006/2452https://exchange.xforce.ibmcloud.com/vulnerabilities/29915https://exchange.xforce.ibmcloud.com/vulnerabilities/25006https://www.exploit-db.com/exploits/2164https://www.exploit-db.com/exploits/2052https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1778https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1742https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1511https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1323https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1204https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-014http://www.securityfocus.com/archive/1/487219/100/200/threadedhttp://www.securityfocus.com/archive/1/487216/100/200/threadedhttp://www.securityfocus.com/archive/1/475490/100/100/threadedhttp://www.securityfocus.com/archive/1/475118/100/100/threadedhttp://www.securityfocus.com/archive/1/475108/100/100/threadedhttp://www.securityfocus.com/archive/1/475104/100/100/threadedhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/16561/https://www.kb.cert.org/vuls/id/234812
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661open redirectCVE-2024-25512CVE-2024-33788command injectionSSTICVE-2024-0043CVE-2024-29210CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook