Vulnerability Description
Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Data Access Components | 2.1 |
| Microsoft | Ie | 6.0 |
| Microsoft | Internet Explorer | 5.0.1 |
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html
- http://www.cert.org/advisories/CA-2002-33.htmlThird Party AdvisoryUS Government Resource
- http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337
- http://www.kb.cert.org/vuls/id/542081US Government Resource
- http://www.securityfocus.com/bid/6214
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-06
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10659
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10669
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html
- http://www.cert.org/advisories/CA-2002-33.htmlThird Party AdvisoryUS Government Resource
- http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337
- http://www.kb.cert.org/vuls/id/542081US Government Resource
FAQ
What is CVE-2002-1142?
CVE-2002-1142 is a vulnerability with a CVSS score of 7.5 (HIGH). Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to ex...
How severe is CVE-2002-1142?
CVE-2002-1142 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-1142?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Data Access Components, Microsoft Ie, Microsoft Internet Explorer.