Vulnerability

Microsoft Data Access Components RDS.Dataspace ActiveX Vulnerability

Publish date: February 24, 2014

CVE-2006-0003,MS06-014

SEVERITY

MEDIUM

//  ADVISORY DATE

  


DESCRIPTION

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors.

TREND MICRO PROTECTION INFORMATION

Trend Micro Deep Security shields networks through Deep Packet Inspection (DPI) rules. Trend Micro customers using OfficeScan with Intrusion Defense Firewall (IDF) plugin are also protected from attacks using these vulnerabilities. Please refer to the filter number and filter name when applying appropriate DPI and/or IDF rules.

SOLUTION

Trend Micro Deep Security DPI Rule Number: 1002102

Trend Micro Deep Security DPI Rule Name: 1002102 - Microsoft Data Access Components Function Code Execution

AFFECTED SOFTWARE AND VERSION

  • Microsoft MDAC 2.5 SP3
  • Microsoft MDAC 2.7
  • Microsoft MDAC 2.7 SP1
  • Microsoft MDAC 2.8
  • Microsoft MDAC 2.8.0 SP1
  • Microsoft MDAC 2.8.0 SP2
  • microsoft data_access_components 2.5
  • microsoft data_access_components 2.7
  • microsoft data_access_components 2.8

Featured Stories

Connect with us on