CVE-2003-0903 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Data Access Components

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

65.1%

top 1.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Data Access Components

Timeline

PublishedFeb 17

Latest updateApr 29

Description

Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/data_access_components4 versions+3

🔴Vulnerability Details

GHSA

GHSA-hmq2-qh9m-9jpv: Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2↗2022-04-29

▶

CVEList

CVE-2003-0903: Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2↗2004-09-01

▶