The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Link | Tags |
---|---|
http://securitytracker.com/id?1017127 | exploit, vdb entry, patch, vendor advisory |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-009 | vendor advisory |
http://www.securityfocus.com/bid/20704 | exploit, vdb entry, patch |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A214 | vdb entry, signature |
http://secunia.com/advisories/22452 | third party advisory, vendor advisory |
http://www.us-cert.gov/cas/techalerts/TA07-044A.html | third party advisory, us government resource |
http://research.eeye.com/html/alerts/zeroday/20061027.html | patch |
http://www.kb.cert.org/vuls/id/589272 | us government resource, third party advisory, patch |
https://exchange.xforce.ibmcloud.com/vulnerabilities/29837 | vdb entry |
http://www.osvdb.org/31882 | vdb entry |
http://blogs.technet.com/msrc/archive/2006/10/27/adodb-connection-poc-published.aspx | |
http://www.vupen.com/english/advisories/2007/0578 | vdb entry, vendor advisory |