Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object in memory, aka "ADO Cachesize Heap Overflow RCE Vulnerability."
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
History
17 Oct 2024, 19:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-908 | |
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 9.8 |
07 Dec 2023, 18:38
Type | Values Removed | Values Added |
---|---|---|
CPE |
Information
Published : 2012-07-10 21:55
Updated : 2024-10-17 19:35
NVD link : CVE-2012-1891
Mitre link : CVE-2012-1891
CVE.ORG link : CVE-2012-1891
JSON object : View
Products Affected
microsoft
- windows_vista
- windows_7
- windows_data_access_components
- windows_xp
- data_access_components
- windows_server_2003
- windows_server_2008