Buffer Overrun in MDAC

By Thomas McGuire on November 20, 2002, 1:41 PM
Issue:
Microsoft Data Access Components (MDAC) is a collection of components used to provide database connectivity on Windows platforms. A security vulnerability is present in the RDS implementation, specifically, in a function called the RDS Data Stub, whose purpose it is to parse incoming HTTP requests & generate RDS commands.

Affected Software:
Microsoft Data Access Components (MDAC) 2.1, 2.5 & 2.6
Microsoft Internet Explorer 5.01, 5.5 & 6.0
Note: The vulnerability does not affect Windows XP, despite the fact that it uses Internet Explorer 6.0. Windows XP customers do not need to take any action.

Patch availability:
The following patch can be installed on all affected platforms:
http://www.microsoft.com/downloads/Release.asp?ReleaseID=44733

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.