Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:IE:WIN-ADO-EXEC

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Microsoft Windows Data Access Components ADO Record Code Execution

Release Date

 2011/01/18

Update Number

 1850

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft Windows Data Access Components ADO Record Code Execution


This signature detects attempts to exploit a known vulnerability in Microsoft Windows Data Access Components (MDAC). It is due to the way that Microsoft Data Access Components allocates memory when handling the ActiveX Data Objects (ADO) Record data structures. Remote attackers can exploit this by enticing target users to visit a maliciously crafted Web page. A successful attack can result in arbitrary code execution with the privileges of the logged in user.

Extended Description

Microsoft Data Access Components are prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage. Successful exploits will allow the attacker to execute arbitrary code within the context of the application. Failed exploit attempts will result in a denial-of-service condition. NOTE: This issue was originally reported at the 2010 CanSecWest conference as part of the Pwn2Own contest. It was also previously documented in BID 38951 (Microsoft Internet Explorer Unspecified Remote Code Execution Vulnerabilities) but has been moved here to better document it.

Affected Products

  • Avaya Aura Conferencing 6.0 Standard
  • Avaya CallPilot 4.0
  • Avaya CallPilot 5.0
  • Avaya Communication Server 1000 Telephony Manager 3.0
  • Avaya Communication Server 1000 Telephony Manager 4.0
  • Avaya Meeting Exchange 5.0
  • Avaya Meeting Exchange 5.0.0.0.52
  • Avaya Meeting Exchange 5.0 SP1
  • Avaya Meeting Exchange 5.0 SP2
  • Avaya Meeting Exchange 5.1
  • Avaya Meeting Exchange 5.1 SP1
  • Avaya Meeting Exchange 5.2
  • Avaya Meeting Exchange 5.2 SP1
  • Avaya Meeting Exchange 5.2 SP2
  • Avaya Meeting Exchange - Client Registration Server
  • Avaya Meeting Exchange - Recording Server
  • Avaya Meeting Exchange - Streaming Server
  • Avaya Meeting Exchange - Web Conferencing Server
  • Avaya Meeting Exchange - Webportal
  • Avaya Messaging Application Server 4
  • Avaya Messaging Application Server 5
  • Avaya Messaging Application Server 5.2
  • Microsoft Data Access Components (MDAC) 2.8
  • Microsoft Data Access Components (MDAC) 2.8 SP1
  • Microsoft Data Access Components (MDAC) 2.8 SP2
  • Microsoft Internet Explorer 8
  • Microsoft Windows Data Access Components 6.0

References

  • BugTraq: 45698
  • CVE: CVE-2011-0027

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out