Follow:

Exploit:Win/ADODB.Connection.DoS!CVE-2006-5559

Severity rating
Critical

Class/Type
Exploit

Discovered date
2006-12-12T00:00:00

Attack vector
Remote

Authentication required
No

Public exploits available
Yes

Signature detection
Medium



On this page




Description

A remote code execution vulnerability exists in the HTML Help ActiveX control. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user visited that page.



Impact

An attacker who successfully exploited this vulnerability could take complete control of an affected system.



Technical details (analysis)

The ADODB.Connection ActiveX control included in MDAC could, if passed unexpected data, cause Internet Explorer to fail in a way that could allow code execution. Unitialized variable that is used in certain methods of HHCtrl ActiveX control can be exploited because proper set up is not done in the object param attributes.



Affected software

Microsoft Data Access Components 2.5 Service Pack 3 on Microsoft Windows 2000 Service Pack 4
Microsoft Data Access Components 2.8 Service Pack 1 on Microsoft Windows XP Service Pack 2
Microsoft Data Access Components 2.8 on Microsoft Windows Server 2003
Microsoft Data Access Components 2.8 on Microsoft Windows Server 2003 for Itanium-based Systems



Non-affected software

Microsoft Data Access Components 2.8 Service Pack 2 on Microsoft Windows XP Professional x64 Edition
Microsoft Data Access Components 2.8 Service Pack 2 on Microsoft Windows Server 2003 Service Pack 1
Microsoft Data Access Components 2.8 Service Pack 2 on Microsoft Windows Server 2003 with SP1 for Itanium-based Systems
Microsoft Data Access Components 2.8 Service Pack 2 on Microsoft Windows Server 2003 x64 Edition
Windows Data Access Components 6.0 on Windows Vista



References




Solutions




NIS signature

Name: Exploit:Win/ADODB.Connection.DoS!CVE-2006-5559
Release Date: 2006-12-12T00:00:00



Known false positives

No known false positives at this time.



Work-arounds

Prevent the ADODB.Connection ActiveX Control from running in Internet Explorer.
Unregister the ADO ActiveX controls.
Configure Internet Explorer to prompt before running ActiveX Controls or disable ActiveX Controls in the Internet and Local intranet security zone.
Set Internet and Local intranet security zone settings to “High” to prompt before running ActiveX Controls and Active Scripting in these zones.