CVE-2002-1142

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2002-1142
Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html
http://www.cert.org/advisories/CA-2002-33.html Third Party Advisory US Government Resource
http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337
http://www.kb.cert.org/vuls/id/542081 US Government Resource
http://www.securityfocus.com/bid/6214
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-065
https://exchange.xforce.ibmcloud.com/vulnerabilities/10659
https://exchange.xforce.ibmcloud.com/vulnerabilities/10669
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2730
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A294
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3573
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html
http://www.cert.org/advisories/CA-2002-33.html Third Party Advisory US Government Resource
http://www.foundstone.com/knowledge/randd-advisories-display.html?id=337
http://www.kb.cert.org/vuls/id/542081 US Government Resource
http://www.securityfocus.com/bid/6214
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-065
https://exchange.xforce.ibmcloud.com/vulnerabilities/10659
https://exchange.xforce.ibmcloud.com/vulnerabilities/10669
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2730
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A294
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3573
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:data_access_components:2.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:data_access_components:2.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:data_access_components:2.6:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.0.1:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:5.5:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2002-11-29 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2002-1142

Mitre link : CVE-2002-1142

CVE.ORG link : CVE-2002-1142

JSON object : View

Products Affected

microsoft

  • data_access_components
  • ie
  • internet_explorer
CWE
NVD-CWE-Other