CVE-2002-1142

critical

Description

Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3573

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A294

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2730

https://exchange.xforce.ibmcloud.com/vulnerabilities/10669

https://exchange.xforce.ibmcloud.com/vulnerabilities/10659

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-065

http://www.securityfocus.com/bid/6214

http://www.kb.cert.org/vuls/id/542081

http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337

http://www.cert.org/advisories/CA-2002-33.html

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html

Details

Source: Mitre, NVD

Published: 2002-11-29

Updated: 2021-07-23

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical