Vulnerability CVE-2006-0003

Vulnerability CVE-2006-0003

Published: 2006-04-11 Modified: 2012-02-12

Description:

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:H/Au:N/C:P/I:P/A:P)

CVSS Base Score	Impact Subscore	Exploitability Subscore
5.1/10	6.4/10	4.9/10

Exploit range	Attack complexity	Authentication
Remote	High	No required
Confidentiality impact	Integrity impact	Availability impact
Partial	Partial	Partial

Affected software
Microsoft -> Data access components

References:

http://securitytracker.com/id?1015894

http://www.hitachi-support.com/security_e/vuls_e/HS06-013_e/01-e.html

http://www.hitachi-support.com/security_e/vuls_e/HS06-013_e/index-e.html

http://www.kb.cert.org/vuls/id/234812

http://www.securityfocus.com/archive/1/475104/100/100/threaded

http://www.securityfocus.com/archive/1/475108/100/100/threaded

http://www.securityfocus.com/archive/1/475118/100/100/threaded

http://www.securityfocus.com/archive/1/475490/100/100/threaded

http://www.securityfocus.com/archive/1/487216/100/200/threaded

http://www.securityfocus.com/archive/1/487219/100/200/threaded

http://www.securityfocus.com/bid/17462

http://www.securityfocus.com/bid/20797

http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf

http://www.us-cert.gov/cas/techalerts/TA06-101A.html

http://www.vupen.com/english/advisories/2006/1319

http://www.vupen.com/english/advisories/2006/2452

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-014

https://exchange.xforce.ibmcloud.com/vulnerabilities/25006

https://exchange.xforce.ibmcloud.com/vulnerabilities/29915

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1204

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1323

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1511

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1742

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1778

https://www.exploit-db.com/exploits/2052

https://www.exploit-db.com/exploits/2164

Vulnerability CVE-2006-0003

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors.

CWE-noinfo

CVSS2 => (AV:N/AC:H/Au:N/C:P/I:P/A:P)

5.1/10

6.4/10

4.9/10

Remote

High

No required

Partial

Partial

Partial

Affected software

References: