Unrated severityNVD Advisory· Published Jan 12, 2011· Updated Jun 16, 2026
CVE-2011-0027
CVE-2011-0027
Description
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:data_access_components:2.8:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:windows_data_access_components:6.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
11- secunia.com/advisories/42804nvdVendor Advisory
- www.vupen.com/english/advisories/2011/0075nvdVendor Advisory
- www.us-cert.gov/cas/techalerts/TA11-011A.htmlnvdUS Government Resource
- osvdb.org/70444nvd
- support.avaya.com/css/P8/documents/100124846nvd
- vreugdenhilresearch.nl/ms11-002-pwn2own-heap-overflow/nvd
- www.securityfocus.com/bid/45698nvd
- www.securitytracker.com/idnvd
- www.zerodayinitiative.com/advisories/ZDI-11-002/nvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-002nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12411nvd
News mentions
0No linked articles in our index yet.