MDAC RDS.Dataspace ActiveX object code execution
mdac-rdsdataspace-execute-code (25006)
Description:
Microsoft Data Access Components (MDAC) could allow a remote attacker to execute arbitrary code, caused by a vulnerability in the RDS.Dataspace ActiveX object that is part of ActiveX Data Objects (ADO) and distributed in MDAC. Remote Data Service (RDS) could allow the attacker to execute arbitrary code on a victim's system if the victim can be persuaded to visit a malicious Web site or view a malicious email message. The code is executed with the privileges of the victim.
Platforms Affected:
- Microsoft, Data Access Components 2.5 sp3
- Microsoft, Data Access Components 2.7 sp1
- Microsoft, Data Access Components 2.8
- Microsoft, Data Access Components 2.8 sp1
- Microsoft, Data Access Components 2.8 sp2
- Microsoft, Windows 2000 SP4
- Microsoft, Windows 2003 Server SP1 Itanium
- Microsoft, Windows 2003 Server Itanium
- Microsoft, Windows 2003 Server x64
- Microsoft, Windows 2003 Server SP1
- Microsoft, Windows XP SP2
- Microsoft, Windows XP SP1
- Microsoft, Windows XP x64-Professional
Remedy:
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS06-014. See References.
For Microsoft Data Access Components 2.5 Service Pack 3 when installed on Microsoft Windows 2000 Service Pack 4, Microsoft Data Access Components 2.7 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4, and Microsoft Data Access Components 2.8 Service Pack 1 when installed on Microsoft Windows 2000 Service Pack 4:
Microsoft originally provided a patch for this vulnerability in MS06-014, but it was superseded by the patch released with MS07-009. See References.
Consequences:
Gain Access
References:
- Internet Security Systems Protection Alert - April 11, 2006, Microsoft MDAC Remote Code Execution at http://xforce.iss.net/xforce/alerts/id/219.
- Microsoft Security Bulletin MS06-014, Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562) at http://www.microsoft.com/technet/security/bulletin/ms06-014.mspx.
- Microsoft Security Bulletin MS07-009, Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779) at http://www.microsoft.com/technet/security/Bulletin/ms07-009.mspx.
- US-CERT Technical Cyber Security Alert TA06-101A, Microsoft Windows and Internet Explorer Vulnerabilities at http://www.us-cert.gov/cas/techalerts/TA06-101A.html.
- ASA-2006-079: Windows Security Updates for April 2006 - (MS06-013 - MS06-017)
- BID-17462: Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability
- BID-20797: Retired: Microsoft Internet Explorer Unspecified Code Execution Vulnerability
- CVE-2006-0003: Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors.
- FrSIRT/ADV-2006-1319: Microsoft Data Access Components Code Execution Vulnerability (MS06-014)
- FrSIRT/ADV-2006-2452: Hitachi Products MDAC RDS.Dataspace ActiveX Remote Code Execution Vulnerability
- OSVDB ID: 24517: Microsoft Data Access Components RDS.Dataspace ActiveX Remote Code Execution
- SA19583: Microsoft Data Access Components RDS.Dataspace ActiveX Vulnerability
- SA20719: Hitachi Products MDAC RDS.Dataspace ActiveX Vulnerability
- SECTRACK ID: 1015894: Microsoft Data Access Components RDS.Dataspace Access Control Bug Lets Remote Users Execute Arbitrary Code
- US-CERT VU#234812: RDS.Dataspace ActiveX control bypasses ActiveX security model
Reported:
Apr 11, 2006
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
