CVE-2011-0026

Description

Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) and a crafted szDSN argument, which bypasses a signed comparison and leads to a buffer overflow, aka "DSN Overflow Vulnerability."

Related CPE's

amicrosoftdata_access_components2.8sp1******

omicrosoftwindows_xp********

amicrosoftdata_access_components2.8sp2******

omicrosoftwindows_xp-sp2x64*****

omicrosoftwindows_server_2003*sp2******

omicrosoftwindows_2003_server*sp2******

amicrosoftwindows_data_access_components6.0*******

omicrosoftwindows_vista*sp2x64*****

omicrosoftwindows_server_2008*sp2x32*****

omicrosoftwindows_server_2008r2*itanium*****

References

45695

42804

ADV-2011-0075

http://support.avaya.com/css/P8/documents/100124846

TA11-011A

US Government Resource

1024947

70443

http://www.zerodayinitiative.com/advisories/ZDI-11-001/

oval:org.mitre.oval:def:12333

MS11-002

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:M/Au:N/C:C/I:C/A:C

AccessVector

NETWORK

AccessComplexity

MEDIUM

Authentication

NONE

ConfidentialityImpact

COMPLETE

IntegrityImpact

COMPLETE

AvailabilityImpact

COMPLETE

BaseScore

9.300000190734863

Created by Yello
About Severity.io