CVE-2012-1891

Currently unrated

Key Information:

Vendor: Microsoft
Status: Data Access Components
Vendor: CVE Published:; 10 July 2012

Summary

Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object in memory, aka "ADO Cachesize Heap Overflow RCE Vulnerability."

References

http://www.us-cert.gov/cas/techalerts/TA12-192A.html

third-party-advisoryx_refsource_CERT

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

EPSS Score

95% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 10, 2012
Vulnerability Reserved
Mar 22, 2012

Collectors

NVD DatabaseMitre Database