HTTP: Microsoft Data Access Services RDS Data Stub Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Microsoft Data Access Components Remote Data Services. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Microsoft Data Access Components (MDAC) contains a buffer overflow in a Remote Data Services (RDS) component. The server side RDS component affected is called the RDS Data Stub, while the client side is called the Data Space control. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code, or at the very least, cause a denial of service. While this vulnerability affects Internet Explorer 6, Windows XP users are not at risk.
Affected Products
Microsoft internet_explorer
References
BugTraq: 6214
CVE: CVE-2002-1142
URL: http://www.microsoft.com/technet/security/bulletin/ms02-065.asp
Short Name
HTTP:IIS:MDAC-DATASTUB
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Access Buffer CA-2002-33 CVE-2002-1142 Data Microsoft Overflow RDS Services Stub bid:6214
Release Date
05/27/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
CVSS Score
7.5