NVD

Id
7165  
Name
CVE-2011-0027  
Description
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2011-01-11  
Modified Date
2013-01-21  
Seq
2011-0027  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
40162 7165 CVE-2011-0027 oval:org.mitre.oval:def:12411  View
40163 7165 CVE-2011-0027 http://support.avaya.com/css/P8/documents/100124846  View
40164 7165 CVE-2011-0027 http://vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/  View
40165 7165 CVE-2011-0027 MS11-002  View
40166 7165 CVE-2011-0027 45698  View
40167 7165 CVE-2011-0027 1024947  View
40168 7165 CVE-2011-0027 TA11-011A  View
40169 7165 CVE-2011-0027 ADV-2011-0075  View
40170 7165 CVE-2011-0027 http://www.zerodayinitiative.com/advisories/ZDI-11-002/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
30777 JVNDB-2011-001016 MDAC および WDAC における任意のコードを実行される脆弱性 Microsoft Data Access Components (MDAC) および Windows Data Access Components (WDAC) は、内部データ構造へのメモリ割り当てを適切に検証しないため、任意のコードを実行される脆弱性が存在します。 CVE-2011-0027 47934 CVE-2011-0027 7165 9.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-001016.html 2011-01-11 2011-01-28 View