CVE-2006-5559

NONECVSS 0.0

0.0

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments.

🔗 References (24)

cve@mitrehttp://blogs.technet.com/msrc/archive/2006/10/27/adodb-connection-poc-published.aspx
cve@mitrehttp://research.eeye.com/html/alerts/zeroday/20061027.html
cve@mitrehttp://secunia.com/advisories/22452
cve@mitrehttp://securitytracker.com/id?1017127
cve@mitrehttp://www.kb.cert.org/vuls/id/589272
cve@mitrehttp://www.osvdb.org/31882
cve@mitrehttp://www.securityfocus.com/bid/20704
cve@mitrehttp://www.us-cert.gov/cas/techalerts/TA07-044A.html
cve@mitrehttp://www.vupen.com/english/advisories/2007/0578
cve@mitrehttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-009
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/29837
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A214
af854a3a-2127-422b-91ae-364da2661108http://blogs.technet.com/msrc/archive/2006/10/27/adodb-connection-poc-published.aspx
af854a3a-2127-422b-91ae-364da2661108http://research.eeye.com/html/alerts/zeroday/20061027.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22452

Is Your Infrastructure Affected by CVE-2006-5559?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-5559

📅 Published

🔄 Last Modified

🔗 References (24)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-5559?