Short Name |
HTTP:IIS:MDAC-DATASTUB |
---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Data Access Services RDS Data Stub Buffer Overflow |
Release Date |
2010/05/27 |
Update Number |
1692 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the Microsoft Data Access Components Remote Data Services. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Microsoft Data Access Components (MDAC) contains a buffer overflow in a Remote Data Services (RDS) component. The server side RDS component affected is called the RDS Data Stub, while the client side is called the Data Space control. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code, or at the very least, cause a denial of service. While this vulnerability affects Internet Explorer 6, Windows XP users are not at risk.