Description
Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434.
Affected products
- Microsoft / data_access_components1.5 – 1.5
- Microsoft / data_access_components2.0 – 2.0
- Microsoft / data_access_components2.1 – 2.1
- Microsoft / data_access_components2.1.1.3711.11 – 2.1.1.3711.11
- Microsoft / data_access_components2.5 – 2.5
- Microsoft / data_access_components2.5 – 2.5
- Microsoft / data_access_components2.5 – 2.5
- Microsoft / data_access_components2.5 – 2.5
- Microsoft / data_access_components2.6 – 2.6
- Microsoft / data_access_components2.6 – 2.6
- Microsoft / data_access_components2.6 – 2.6
- Microsoft / data_access_components2.6 – 2.6
- Microsoft / data_access_components2.7 – 2.7
- Microsoft / data_access_components2.7 – 2.7
- Microsoft / data_access_components2.12.4202.3 – 2.12.4202.3
References
- MAILING_LISThttp://marc.info/?l=bugtraq&m=106149556627778&w=2
- MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-033
- MISChttp://www.securityfocus.com/bid/8455
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1039
- MAILING_LISThttp://marc.info/?l=ntbugtraq&m=106251069107953&w=2
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6954
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A961
- MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A962