VYPR
Critical severity9.8NVD Advisory· Published Jul 10, 2012· Updated Jun 16, 2026

CVE-2012-1891

CVE-2012-1891

Description

Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object in memory, aka "ADO Cachesize Heap Overflow RCE Vulnerability."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

5
  • cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:data_access_components:2.8:sp2:*:*:*:*:*:*
    • (no CPE)range: 2.8 SP1 and SP2
  • cpe:2.3:a:microsoft:windows_data_access_components:6.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:microsoft:windows_data_access_components:6.0:*:*:*:*:*:*:*
    • (no CPE)range: 6.0

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.