Description

The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.

Remediation

References

CVE-1999-1011

Related Vulnerabilities

Dolibarr Other Vulnerability (CVE-2022-0414)

Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-1397)

WordPress Plugin WP Photo Album Plus Cross-Site Scripting (5.0.10)

SharePoint CVE-2024-30100 Vulnerability (CVE-2024-30100)

MyBB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2012-5909)

Severity

Critical

Classification

CVE-1999-1011 CWE-264

Tags

Missing Update Known Vulnerabilities