Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability

Microsoft MDAC RDS.Dataspace ActiveX Control Remote Code Execution Vulnerability

A Metasploit exploit module is available.

The following exploit code is available; Symantec has not verified it.

CAUTION: Since the exploit code may contain malicious content, handle it carefully.

UPDATE (May 15, 2007): This issue is being exploited in the wild by the MPack hacker tool. Please see the references for more information.

/data/vulnerabilities/exploits/ie_createobject.pm
/data/vulnerabilities/exploits/0day_ie.pdf
/data/vulnerabilities/exploits/exp_changed.htm
/data/vulnerabilities/exploits/IEexploit_original.html
/data/vulnerabilities/exploits/17462July302007.html
/data/vulnerabilities/exploits/17462.py
/data/vulnerabilities/exploits/17462Jan282008.html