Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-1891

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-1891
Last Modified 06 Mar 2013 11:54:06
Published 10 Jul 2012 05:55:06
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-1891

Summary

Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object in memory, aka "ADO Cachesize Heap Overflow RCE Vulnerability."

Vulnerable Systems

Application

  • Microsoft Data Access Components 2.8

  • Microsoft Windows Data Access Components 6.0


References

MS - MS12-045

CERT - TA12-192A

Related Patches

MS12-045 Security Update for Windows Server 2008 R2 x64 (KB2698365)

MS12-045 Security Update for Windows Server 2008 (KB2698365)

MS12-045 Security Update for Windows Vista (KB2698365)

MS12-045 Security Update for Windows Server 2003 (KB2698365)

MS12-045 Security Update for Windows 7 (KB2698365)

MS12-045 Security Update for Windows 7 x64 (KB2698365)

MS12-045 Security Update for Windows Server 2003 x64 (KB2698365)

MS12-045 Security Update for Windows Server 2008 x64 (KB2698365)

MS12-045 Security Update for Windows Vista x64 (KB2698365)

MS12-045 Security Update for Windows XP (KB2698365)


Last Updated: 27 May 2016 10:54:51