Microsoft has reported a vulnerability in MDAC (Microsoft Data Access Components), which potentially can be exploited by malicious people to compromise a vulnerable system.
The problem is that the reply, which MDAC receives when it broadcasts a request to identify all systems running SQL Server, isn't properly verified.
This allows malicious people on the network to send a specially crafted reply, which can cause a buffer overflow and possibly lead to execution of arbitrary code on a system running MDAC or SQL Server.
The vulnerability affects MDAC 2.5, 2.6, 2.7, and 2.8.
MDAC is included in Windows XP, Windows 2000, and Windows 2003 Server.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Subject: Microsoft Data Access Components Broadcast Reply Buffer Overflow
RE: Microsoft Data Access Components Broadcast Reply Buffer Overflow
30th May, 2012 06:00
Score: -4012 Posts: 126 User Since: 30th May 2012 System Score: N/A Location: DZ Last edited on 30th May, 2012 06:00
In this week’s issue of Grazia luxury brand Louis Vuitton exclusively reveal their glamorous spring/summer’12 <b><a href="http://www.louisvuittonsunglassesusa.com">Louis vuitton Sunglasses</a></b> range by showing them on a new generation of ‘It’ girls and boys. It's a veritable who’s who of the hippest people on planet earth right now, and if you like to stay in the know you should consider that an extra good reason to hotfoot it to <b><a href="http://www.louisvuittonsunglassesusa.com">Louis vuitton Outlet</a></b> – TODAY
Was this reply relevant?
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.