| Title | MDAC および WDAC の SQLConnectW 関数における整数符号エラーの脆弱性 |
|---|---|
| Summary | Microsoft Data Access Components (MDAC) および Windows Data Access Components (WDAC) の ODBC API (odbc32.dll) 内にある SQLConnectW 関数には、整数符号エラーの脆弱性が存在します。 |
| Possible impacts | 第三者により、Data Source Name (DSN) および巧妙に細工された szDSN 引数内にある過度に長い文字列を介して、符号付き比較の回避およびバッファオーバーフローを誘発され、任意のコードを実行される可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | Jan. 11, 2011, midnight |
| Registration Date | Jan. 28, 2011, 3:50 p.m. |
| Last Update | Jan. 28, 2011, 3:50 p.m. |
| CVSS2.0 : 危険 | |
| Score | 9.3 |
|---|---|
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| マイクロソフト |
| Microsoft Data Access Components 2.8 |
| Microsoft Windows 7 (x32) |
| Microsoft Windows 7 (x64) |
| Microsoft Windows Server 2003 |
| Microsoft Windows Server 2003 (itanium) |
| Microsoft Windows Server 2003 (x64) |
| Microsoft Windows Server 2008 (itanium) |
| Microsoft Windows Server 2008 (x64) |
| Microsoft Windows Server 2008 (x86) |
| Microsoft Windows Server 2008 r2(itanium) |
| Microsoft Windows Server 2008 r2(x64) |
| Microsoft Windows Vista |
| Microsoft Windows Vista (x64) |
| Microsoft Windows XP (x64) |
| Microsoft Windows XP sp3 |
| Windows Data Access Components 6.0 |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2011年01月28日] 掲載 |
Feb. 17, 2018, 10:37 a.m. |
| Summary | Integer signedness error in the SQLConnectW function in an ODBC API (odbc32.dll) in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, allows remote attackers to execute arbitrary code via a long string in the Data Source Name (DSN) and a crafted szDSN argument, which bypasses a signed comparison and leads to a buffer overflow, aka "DSN Overflow Vulnerability." |
|---|---|
| Publication Date | Jan. 12, 2011, 10 a.m. |
| Registration Date | Jan. 28, 2021, 4:37 p.m. |
| Last Update | Nov. 21, 2024, 10:23 a.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:microsoft:data_access_components:2.8:sp1:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:* | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:a:microsoft:data_access_components:2.8:sp2:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:* | ||||
| 2 | cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:* | ||||
| 3 | cpe:2.3:o:microsoft:windows_xp:-:sp2:x64:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:a:microsoft:windows_data_access_components:6.0:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* | ||||
| 2 | cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:* | ||||
| 3 | cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:* | ||||
| 4 | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x64:*:*:*:*:* | ||||
| 5 | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:x32:*:*:*:*:* | ||||
| 6 | cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:* | ||||
| 7 | cpe:2.3:o:microsoft:windows_server_2008:-:sp2:itanium:*:*:*:*:* | ||||
| 8 | cpe:2.3:o:microsoft:windows_server_2008:r2:*:itanium:*:*:*:*:* | ||||
| 9 | cpe:2.3:o:microsoft:windows_server_2008:r2:*:x64:*:*:*:*:* | ||||
| 10 | cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:* | ||||
| 11 | cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:*:* | ||||