CVE-2002-1142

Sažetak

Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.

Reference

http://www.cert.org/advisories/CA-2002-33.html
http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html
http://www.kb.cert.org/vuls/id/542081
http://www.securityfocus.com/bid/6214
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3573
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A294
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2730
https://exchange.xforce.ibmcloud.com/vulnerabilities/10669
https://exchange.xforce.ibmcloud.com/vulnerabilities/10659
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-065

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

23-07-2021 - 12:55

Objavljeno

29-11-2002 - 05:00