Microsoft Data Access Components 2.5 Unchecked Buffer Vulnerability

The Microsoft Data Access Components (MDAC) provide a number of supporting technologies for accessing and using databases. Included among these functions is the underlying support for the T-SQL OpenRowSet command. A security vulnerability results because the MDAC functions underlying OpenRowSet contain an unchecked buffer. An attacker who successfully exploited it would be able to take action with all the privileges of an affected SQL Server. At a minimum, this would grant the attacker complete control over the database, and potentially could grant administrative privileges at the operating system level as well.
License Free
File Size 222.38 kB
Version MS02-040
Operating System Windows NT Windows 98 Windows 95 Windows
System Requirements Windows 95/98/NT, Microsoft Data Access Components 2.5 Service Pack 2