|
Microsoft Data Access Components RDS.Dataspace ActiveX sårbarhed
|
|
|
|
|
Secunia Advisory:
|
SA19583
|
|
|
Udsendt:
|
2006-04-11
|
|
|
Kritisk:
|
Meget kritisk
|
|
Betydning:
|
Systemadgang
|
|
Hvor:
|
Fra Internet
|
|
Løsning Status:
|
Producent Patch
|
|
| OS: | Microsoft Windows 2000 Advanced Server
Microsoft Windows 2000 Datacenter Server
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
|
| | Software: | Microsoft Data Access Components (MDAC) 2.x
|
| | CVE reference: | CVE-2006-0003 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Beskrivelse:
Der er rapporteret en sårbarhed i Microsoft Data Access Components (MDAC), som kan udnyttes af ondsindede personer til at kompromittere et sårbart system.
Sårbarheden skyldes en uspecificeret fejl i RDS.Dataspace ActiveX-komponenten, da den i visse tilfælde ikke kontrollerer, om den har sikker interaktionen med et website.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, using the Network Software Inspector.
Løsning:
Installér patches.
Microsoft Windows XP Service Pack 1 med Microsoft Data Access Components 2.7 Service Pack 1:
http://www.microsoft.com/downloads/de...=2F9E772C-8122-4027-A117-E93227B2C79F
Microsoft Windows XP Service Pack 2 med Microsoft Data Access Components 2.8 Service Pack 1:
http://www.microsoft.com/downloads/de...=2F9E772C-8122-4027-A117-E93227B2C79F
Microsoft Windows XP Professional x64 Edition med Microsoft Data Access Components 2.8 Service Pack 2:
http://www.microsoft.com/downloads/de...=9C8B645D-0F01-4B79-B6B3-55279BEDB944
Microsoft Windows Server 2003 med Microsoft Data Access Components 2.8:
http://www.microsoft.com/downloads/de...=39B29ED4-9B95-4593-BCB6-4BB03CA5F8F1
Microsoft Windows Server 2003 Service Pack 1 med Microsoft Data Access Components 2.8 Service Pack 2:
http://www.microsoft.com/downloads/de...=39B29ED4-9B95-4593-BCB6-4BB03CA5F8F1
Microsoft Windows Server 2003 for Itanium-based Systems med Microsoft Data Access Components 2.8:
http://www.microsoft.com/downloads/de...=4D2FE426-E34E-4192-8A0F-35E440E948E2
Microsoft Windows Server 2003 SP1 Itanium med Microsoft Data Access Components 2.8 Service Pack 2:
http://www.microsoft.com/downloads/de...=4D2FE426-E34E-4192-8A0F-35E440E948E2
Microsoft Windows Server 2003 x64 Edition med Microsoft Data Access Components 2.8 Service Pack 2:
http://www.microsoft.com/downloads/de...=E237C2C7-9819-437B-AB70-298BA62AC285
Windows 2000 Service Pack 4 med Microsoft Data Access Components 2.5 Service Pack 3 installeret:
http://www.microsoft.com/downloads/de...=1B3E6CB9-1EF2-4BA1-A2F2-F87B717372FB
Windows 2000 Service Pack med Microsoft Data Access Components 2.7 Service Pack 1 installeret:
http://www.microsoft.com/downloads/de...=0AA7C8B7-8417-42D8-8E73-5466C03B8C65
Windows 2000 Service Pack 4 med Microsoft Data Access Components 2.8 installed:
http://www.microsoft.com/downloads/de...=2494B25D-452F-4025-8B67-41A5C840F7E2
Windows 2000 Service Pack 4 med Microsoft Data Access Components 2.8 Service Pack 1 installeret:
http://www.microsoft.com/downloads/de...=7358DA31-959C-4E3E-8115-51DC6D441365
Windows XP Service Pack 1 med Microsoft Data Access Components 2.8 installeret:
http://www.microsoft.com/downloads/de...=2494B25D-452F-4025-8B67-41A5C840F7E2
Rapporteret af / Kredit:
Producenten krediterer:
* Golan Yosef, Finjan.
* Stefano Meller og Mirko Gatto, Yarix.
Original Advisory:
MS06-014 (KB911562):
http://www.microsoft.com/technet/security/Bulletin/MS06-014.mspx
Andre Kilder:
US-CERT VU#234812:
http://www.kb.cert.org/vuls/id/234812
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
243 Relaterede Secunia Advisories, displaying 10
|
|
|
1. Microsoft Windows LSASS rettighedseskalering
|
|
2. Microsoft Windows TCP/IP-implementation sårbarheder
|
|
3. Microsoft Windows Message Queuing Service buffer overflow
|
|
4. Windows Media Format Runtime ASF-fortolkningssårbarhed
|
|
5. Microsoft Windows Message Queuing Service rettighedseskalering
|
|
6. Microsoft DirectX SAMI/WAV/AVI fil-fortolkning sårbarheder
|
|
7. Microsoft "Web Proxy Auto-Discovery" feature sikkerhedsproblem
|
|
8. Microsoft Windows DNS-service cache-forgiftning
|
|
9. Macrovision SafeDisc secdrv.sys rettighedseskalering
|
|
10. Windows 2000 RPC-godkendelse afsløring af information
|
Vis alle relaterede advisories
|
|
|
Send Feedback to Secunia
|
|
Hvis du har ny information angående dette Secunia advisory eller et produkt i vores database, så send det venligst til os. Du kan sende det til os enten ved at bruge vores web formular eller ved at sende det til vuln@secunia.com.
Ideer, foreslag og andet feedback er også meget velkommen.
|
|
|
|
