Patch Management Software
 
MS04-003 Bulletin Details Microsoft Security Bulletins

Bulletin ID:MS04-003
TitleBuffer Overrun in MDAC Function Could Allow code execution (832483)
Summary: Microsoft Data Access Components (MDAC) is a collection of components that provides the underlying functionality for a number of database operations, such as connecting to remote databases and returning data to a client. When a client system on a network tries to see a list of computers that are running SQL Server and that reside on the network, it sends a broadcast request to all the devices that are on the network. Due to a vulnerability in a specific MDAC component, an attacker could respond to this request with a specially crafted packet that could cause a buffer overflow.

An attacker who successfully exploited this vulnerability could gain the same level of privileges over the system as the application that initiated the broadcast request. The actions an attacker could carry out would be dependent on the permissions under which the application using MDAC ran. If the application ran with limited privileges, an attacker would be limited accordingly; however, if the application ran under the local system context, the attacker would have the same level of permissions.
Knowledgebase: 832483


List of Patches

S.No Patch Name Severity
1.MDAC252.832483Important
2.MDAC262.832483Important
3.MDAC271.832483Important
4.MDAC270.832483Important

 
Disclaimer: This webpage is intended to provide you information about patch announcements for certain specific software products. The information is provided "As Is" without warranty of any kind. The links provided point to pages on the vendors' websites. You can get more information by clicking the links to visit the relevant pages on the vendors' websites. Desktop Central is NOT endorsed by the vendors of the software products.
© 2012, ZOHO Corp. All rights reserved. Trademarks | Privacy Policy | Site Map | Contact Us | Careers | Tell Us