Unrated severityNVD Advisory· Published Jul 19, 1999· Updated Apr 16, 2026

CVE-1999-1011

Description

The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.

Affected products

Microsoft/Data Access Components3 versions
cpe:2.3:a:microsoft:data_access_components:1.5:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:data_access_components:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:data_access_components:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:data_access_components:2.1:*:*:*:*:*:*:*
Microsoft/Index Server
cpe:2.3:a:microsoft:index_server:2.0:*:*:*:*:*:*:*
Microsoft/Internet Information Server2 versions
cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:internet_information_server:4.0:*:*:*:*:*:*:*
Microsoft/Site Server
cpe:2.3:a:microsoft:site_server:3.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.063
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000