← Zuruck zu CVEs
CVE-2011-0026
N/ABeschreibung
Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) and a crafted szDSN argument, which bypasses a signed comparison and leads to a buffer overflow, aka "DSN Overflow Vulnerability."
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht1/12/2011
Zuletzt geandert4/29/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
microsoft:data_access_componentsmicrosoft:windows_2003_servermicrosoft:windows_7microsoft:windows_data_access_componentsmicrosoft:windows_server_2003microsoft:windows_server_2008microsoft:windows_vistamicrosoft:windows_xp
Schwachen (CWE)
CWE-189
Referenzen
http://osvdb.org/70443(secure@microsoft.com)
http://secunia.com/advisories/42804(secure@microsoft.com)
http://support.avaya.com/css/P8/documents/100124846(secure@microsoft.com)
http://www.securityfocus.com/bid/45695(secure@microsoft.com)
http://www.securitytracker.com/id?1024947(secure@microsoft.com)
http://www.us-cert.gov/cas/techalerts/TA11-011A.html(secure@microsoft.com)
http://www.vupen.com/english/advisories/2011/0075(secure@microsoft.com)
http://www.zerodayinitiative.com/advisories/ZDI-11-001/(secure@microsoft.com)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002(secure@microsoft.com)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12333(secure@microsoft.com)
http://osvdb.org/70443(af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/42804(af854a3a-2127-422b-91ae-364da2661108)
http://support.avaya.com/css/P8/documents/100124846(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/45695(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1024947(af854a3a-2127-422b-91ae-364da2661108)
http://www.us-cert.gov/cas/techalerts/TA11-011A.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2011/0075(af854a3a-2127-422b-91ae-364da2661108)
http://www.zerodayinitiative.com/advisories/ZDI-11-001/(af854a3a-2127-422b-91ae-364da2661108)
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002(af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12333(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.