|
|
Microsoft Data Access Components ODBC Buffer Overflow Vulnerability
|
Bugtraq ID:
|
8455
|
|
Class:
|
Boundary Condition Error
|
|
CVE:
|
CAN-2003-0353
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Aug 20 2003 12:00AM
|
|
Updated:
|
Aug 20 2003 12:00AM
|
|
Credit:
|
The discovery of this vulnerability has been credited to "Aaron C. Newman" <aaron@newman-family.com>
|
|
Vulnerable:
|
Microsoft MDAC 2.7 RTM Refresh
Microsoft MDAC 2.7
+
Microsoft Visual Studio .NET Academic Edition 0
+
Microsoft Visual Studio .NET Academic Edition 0
+
Microsoft Visual Studio .NET Enterprise Architect Edition
+
Microsoft Visual Studio .NET Enterprise Architect Edition
+
Microsoft Visual Studio .NET Enterprise Developer Edition
+
Microsoft Visual Studio .NET Enterprise Developer Edition
+
Microsoft Visual Studio .NET Professional Edition
+
Microsoft Visual Studio .NET Professional Edition
+
Microsoft Visual Studio .NET Trial Edition 0
+
Microsoft Visual Studio .NET Trial Edition 0
+
Microsoft Windows XP 0
+
Microsoft Windows XP 64-bit Edition
+
Microsoft Windows XP 64-bit Edition
+
Microsoft Windows XP Home
+
Microsoft Windows XP Home
+
Microsoft Windows XP Professional
+
Microsoft Windows XP Professional
Microsoft MDAC 2.6 SP2 Refresh
Microsoft MDAC 2.6 SP2
Microsoft MDAC 2.6 SP1
Microsoft MDAC 2.6 RTM
Microsoft MDAC 2.6
+
Microsoft SQL Server 2000 SP2
+
Microsoft SQL Server 2000 SP2
+
Microsoft SQL Server 2000 SP1
+
Microsoft SQL Server 2000 SP1
+
Microsoft SQL Server 2000
+
Microsoft SQL Server 2000
+
Microsoft SQL Server 2000 Desktop Engine
+
Microsoft SQL Server 2000 Desktop Engine
Microsoft MDAC 2.5 SP3
Microsoft MDAC 2.5 SP2
Microsoft MDAC 2.5 SP1
Microsoft MDAC 2.5 RTM
Microsoft MDAC 2.5
+
Microsoft Office 2000 SP2
+
Microsoft Office 2000 SP2
+
Microsoft Office 2000 SP1
+
Microsoft Office 2000 SP1
+
Microsoft SQL Server 7.0 SP3 alpha
+
Microsoft SQL Server 7.0 SP3 alpha
+
Microsoft SQL Server 7.0 SP3
+
Microsoft SQL Server 7.0 SP3
+
Microsoft SQL Server 7.0 SP2 alpha
+
Microsoft SQL Server 7.0 SP2 alpha
+
Microsoft SQL Server 7.0 SP2
+
Microsoft SQL Server 7.0 SP2
+
Microsoft Windows 2000 Advanced Server SP2
+
Microsoft Windows 2000 Advanced Server SP2
+
Microsoft Windows 2000 Advanced Server SP1
+
Microsoft Windows 2000 Advanced Server SP1
+
Microsoft Windows 2000 Advanced Server
+
Microsoft Windows 2000 Advanced Server
+
Microsoft Windows 2000 Datacenter Server SP2
+
Microsoft Windows 2000 Datacenter Server SP2
+
Microsoft Windows 2000 Datacenter Server SP1
+
Microsoft Windows 2000 Datacenter Server SP1
+
Microsoft Windows 2000 Datacenter Server
+
Microsoft Windows 2000 Datacenter Server
+
Microsoft Windows 2000 Professional SP2
+
Microsoft Windows 2000 Professional SP2
+
Microsoft Windows 2000 Professional SP1
+
Microsoft Windows 2000 Professional SP1
+
Microsoft Windows 2000 Professional
+
Microsoft Windows 2000 Professional
+
Microsoft Windows 2000 Server SP2
+
Microsoft Windows 2000 Server SP2
+
Microsoft Windows 2000 Server SP1
+
Microsoft Windows 2000 Server SP1
+
Microsoft Windows 2000 Server
+
Microsoft Windows 2000 Server
+
Microsoft Windows 2000 Server Japanese Edition
+
Microsoft Windows 2000 Server Japanese Edition
+
Microsoft Windows 2000 Terminal Services SP2
+
Microsoft Windows 2000 Terminal Services SP2
+
Microsoft Windows 2000 Terminal Services SP1
+
Microsoft Windows 2000 Terminal Services SP1
+
Microsoft Windows 2000 Terminal Services
+
Microsoft Windows 2000 Terminal Services
|
|
|
|
Not Vulnerable:
|
Microsoft MDAC 2.8
+
Microsoft Windows 2000 Advanced Server SP4
+
Microsoft Windows 2000 Advanced Server SP4
+
Microsoft Windows 2000 Advanced Server SP3
+
Microsoft Windows 2000 Advanced Server SP3
+
Microsoft Windows 2000 Advanced Server SP2
+
Microsoft Windows 2000 Advanced Server SP2
+
Microsoft Windows 2000 Advanced Server SP1
+
Microsoft Windows 2000 Advanced Server SP1
+
Microsoft Windows 2000 Advanced Server
+
Microsoft Windows 2000 Advanced Server
+
Microsoft Windows 2000 Datacenter Server SP4
+
Microsoft Windows 2000 Datacenter Server SP4
+
Microsoft Windows 2000 Datacenter Server SP3
+
Microsoft Windows 2000 Datacenter Server SP3
+
Microsoft Windows 2000 Datacenter Server SP2
+
Microsoft Windows 2000 Datacenter Server SP2
+
Microsoft Windows 2000 Datacenter Server SP1
+
Microsoft Windows 2000 Datacenter Server SP1
+
Microsoft Windows 2000 Datacenter Server
+
Microsoft Windows 2000 Datacenter Server
+
Microsoft Windows 2000 Professional SP4
+
Microsoft Windows 2000 Professional SP4
+
Microsoft Windows 2000 Professional SP3
+
Microsoft Windows 2000 Professional SP3
+
Microsoft Windows 2000 Professional SP2
+
Microsoft Windows 2000 Professional SP2
+
Microsoft Windows 2000 Professional SP1
+
Microsoft Windows 2000 Professional SP1
+
Microsoft Windows 2000 Professional
+
Microsoft Windows 2000 Professional
+
Microsoft Windows 2000 Server SP4
+
Microsoft Windows 2000 Server SP4
+
Microsoft Windows 2000 Server SP3
+
Microsoft Windows 2000 Server SP3
+
Microsoft Windows 2000 Server SP2
+
Microsoft Windows 2000 Server SP2
+
Microsoft Windows 2000 Server SP1
+
Microsoft Windows 2000 Server SP1
+
Microsoft Windows 2000 Server
+
Microsoft Windows 2000 Server
+
Microsoft Windows Server 2003 Datacenter Edition
+
Microsoft Windows Server 2003 Datacenter Edition
+
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+
Microsoft Windows Server 2003 Datacenter Edition Itanium 0
+
Microsoft Windows Server 2003 Enterprise Edition
+
Microsoft Windows Server 2003 Enterprise Edition
+
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+
Microsoft Windows Server 2003 Enterprise Edition Itanium 0
+
Microsoft Windows Server 2003 Standard Edition
+
Microsoft Windows Server 2003 Standard Edition
+
Microsoft Windows Server 2003 Web Edition
+
Microsoft Windows Server 2003 Web Edition
|
|
|
