Category:   OS (Microsoft)  >   Microsoft Data Access Components (MDAC)
Vendors:   Microsoft
Microsoft Data Access Components (MDAC) Memory Corruption Errors in Processing DSN Data and ADO Records Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1024947
SecurityTracker URL:  http://securitytracker.com/id/1024947
CVE Reference:   CVE-2011-0026, CVE-2011-0027
Date:  Jan 11 2011
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 2003 SP2, Vista SP2, 2008 SP2, 2008 R2, XP SP3, 7; and prior service packs
Description:   Two vulnerabilities were reported in Microsoft Data Access Components (MDAC). A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create specially crafted HTML that, when loaded by the target user, will invoke a third party application that will trigger a buffer overflow in the Data Source Name (DSN) argument of an Open Database Connectivity (ODBC) API and execute arbitrary code on the target system [CVE-2011-0026]. The code will run with the privileges of the target user.

Abdul Aziz Hariri reported this vulnerability via TippingPoint's Zero Day Initiative.

A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a memory allocation error in an ActiveX Data Object (ADO) record and execute arbitrary code on the target system [CVE-2011-0027]. The code will run with the privileges of the target user.

Peter Vreugdenhil reported this vulnerability via TippingPoint's Zero Day Initiative.

Impact:   A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   The vendor has issued the following fixes:

Windows XP Service Pack 3, Microsoft Data Access Components 2.8 Service Pack 1:

http://www.microsoft.com/downloads/details.aspx?familyid=7951FD7B-6B0A-4168-8519-312A62FF3289

Windows XP Professional x64 Edition Service Pack 2, Microsoft Data Access Components 2.8 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=CE06BFDC-7B0D-4E65-9A13-E009E3A6A9F0

Windows Server 2003 Service Pack 2, Microsoft Data Access Components 2.8 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=D451CED7-C9C7-4C41-9D44-8F8929FCA390

Windows Server 2003 x64 Edition Service Pack 2, Microsoft Data Access Components 2.8 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=3F2C8CFA-819E-4FD9-93BA-B687EB2D46FE

Windows Server 2003 with SP2 for Itanium-based Systems, Microsoft Data Access Components 2.8 Service Pack 2:

http://www.microsoft.com/downloads/details.aspx?familyid=8DBCBB91-464B-4EB3-B7E5-AFE82FEBF8D7

Windows Vista Service Pack 1 and Windows Vista Service Pack 2, Windows Data Access Components 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=13445E4A-099A-4EDD-864E-C44F42940500

Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2, Windows Data Access Components 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=FD6B806E-50D4-4F4D-96E1-7C71FCA4C543

Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2, Windows Data Access Components 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=3D0885AC-97B3-46B5-970D-CC810270FBA3

Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2, Windows Data Access Components 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=8F33C57E-343C-4CDB-B667-AF18A8779AD2

Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2, Windows Data Access Components 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=5ECC8180-6BAA-4F4B-A392-4B45A30469FC

Windows 7 for 32-bit Systems, Windows Data Access Components 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=3DFD4F1C-E7A5-4686-8D2C-B7A5A53C5333

Windows 7 for x64-based Systems, Windows Data Access Components 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=CF30E5C0-811B-4ECD-A6B2-874000D25074

Windows Server 2008 R2 for x64-based Systems, Windows Data Access Components 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=CC9BAC5A-3EAA-46FB-9EF4-C511B5F57996

Windows Server 2008 R2 for Itanium-based Systems, Windows Data Access Components 6.0:

http://www.microsoft.com/downloads/details.aspx?familyid=BA2612EC-FFAD-4CD3-85C6-BA07F70A0D24

The Microsoft advisory is available at:

http://www.microsoft.com/technet/security/bulletin/ms11-002.mspx

Vendor URL:  www.microsoft.com/technet/security/bulletin/ms11-002.mspx
Cause:   Boundary error
Underlying OS:  

Message History:   None.



Copyright 2014, SecurityGlobal.net LLC