Vulnerability Description
The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Data Access Components | 1.5 |
| Microsoft | Index Server | 2.0 |
| Microsoft | Internet Information Server | 3.0 |
| Microsoft | Site Server | 3.0 |
Related Weaknesses (CWE)
References
- http://www.ciac.org/ciac/bulletins/j-054.shtml
- http://www.osvdb.org/272
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-00
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-02
- https://www.securityfocus.com/bid/529
- http://www.ciac.org/ciac/bulletins/j-054.shtml
- http://www.osvdb.org/272
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-00
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-02
- https://www.securityfocus.com/bid/529
FAQ
What is CVE-1999-1011?
CVE-1999-1011 is a vulnerability with a CVSS score of 10.0 (HIGH). The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.
How severe is CVE-1999-1011?
CVE-1999-1011 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1011?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Data Access Components, Microsoft Index Server, Microsoft Internet Information Server, Microsoft Site Server.