Description

The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.

Remediation

References

CVE-1999-1011

Related Vulnerabilities

WordPress Plugin Fast Velocity Minify Information Disclosure (2.7.6)

WordPress Plugin Contus HD FLV Player 'process-sortable.php' SQL Injection (1.3)

Python Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2010-2089)

WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36156)

WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10152)

Severity

Critical

Classification

CVE-1999-1011 CWE-264

Tags

Missing Update Known Vulnerabilities