VYPR

Windows Data Access Components

by Microsoft

CVEs (4)

  • CVE-2012-1891CriJul 10, 2012
    risk 0.66cvss 9.8epss 0.29

    Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object in memory, aka "ADO…

  • CVE-2011-0027Jan 12, 2011
    risk 0.07cvss epss 0.54

    Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property…

  • CVE-2011-1975Aug 10, 2011
    risk 0.03cvss epss 0.43

    Untrusted search path vulnerability in the Data Access Tracing component in Windows Data Access Components (Windows DAC) 6.0 in Microsoft Windows 7 Gold and SP1 and Windows Server 2008 R2 and R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current…

  • CVE-2011-0026Jan 12, 2011
    risk 0.03cvss epss 0.34

    Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name…