A vulnerability has been identified in Microsoft Data Access Components (MDAC), which could be exploited by attackers to take complete control of an affected system. This issue is due to a memory corruption error in the ADODB.Connection ActiveX control when handling malformed arguments passed to certain methods, which could be exploited by remote attackers to execute arbitrary commands by tricking a user into visiting a specially crafted web page.
Affected Products
Microsoft Data Access Components 2.5 Service Pack 3
Microsoft Data Access Components 2.8 Service Pack 1
Microsoft Data Access Components 2.8
Microsoft Data Access Components 2.7 Service Pack 1
Solution
Apply patches :
http://www.microsoft.com/technet/security/bulletin/ms07-009.mspx
