Published: 12/01/2011 Updated: 07/12/2023

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote malicious users to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft data_access_components 2.8
microsoft windows_data_access_components 6.0

<html xmlns:t = "urn:schemas-microsoft-com:time"> <head> <meta name="License" content="Q Public License;enwikipediaorg/wiki/Q_Public_License"> <style> body { } #test { } </style> <script src="heapLibjs"></script> <script> // This c ...

CWE-20 http://www.vupen.com/english/advisories/2011/0075 http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/http://www.us-cert.gov/cas/techalerts/TA11-011A.html http://www.zerodayinitiative.com/advisories/ZDI-11-002/http://www.securitytracker.com/id?1024947 http://support.avaya.com/css/P8/documents/100124846 http://secunia.com/advisories/42804 http://www.securityfocus.com/bid/45698 http://osvdb.org/70444 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002 https://nvd.nist.gov https://www.exploit-db.com/exploits/15984/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-0027

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect