| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS11-002 | Vulnerabilities in Microsoft Data Access Components Could Allow Remote Code Execution (2451910) | Windows Vista | Critical | 12-01-2011 |
Technical Information
Brief overview of the risk:
The vulnerabilities could allow remote code execution if a user views a specially crafted Web page. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
Detailed Information on the risk:
A remote code execution vulnerability exists in the way that Microsoft Data Access Components validates third-party API usage. This vulnerability could allow code execution if a user visited a specially crafted Web page. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
Further information on this exploit is available at : MS11-002
Affected Software
Windows Vista Service Pack 1 and Windows Vista Service Pack 2Windows Vista x64 Edition Service Pack 1 and
Windows Vista x64 Edition Service Pack 2