Microsoft Data Access Components ODBC Buffer Overflow Vulnerability



Date Discovered

August 20, 2003


A buffer overflow vulnerability exists in Microsoft Data Access Components that may allow an attacker to run arbitrary code on a client machine. This vulnerability is exposed when a client or a SQL Server implementing the SQL-DMO library, sends a broadcast request for Microsoft SQL Servers on a network. In response an attacker could send malicious data to the querying system, causing a buffer overflow. This vulnerability could allow an attacker to gain access to confidential data and compromise the system.

Technologies Affected

  • Microsoft MDAC 2.5
  • Microsoft MDAC 2.5 RTM
  • Microsoft MDAC 2.5 SP1
  • Microsoft MDAC 2.5 SP2
  • Microsoft MDAC 2.5 SP3
  • Microsoft MDAC 2.6
  • Microsoft MDAC 2.6 RTM
  • Microsoft MDAC 2.6 SP1
  • Microsoft MDAC 2.6 SP2
  • Microsoft MDAC 2.6 SP2 Refresh
  • Microsoft MDAC 2.7
  • Microsoft MDAC 2.7 RTM Refresh


Block external access at the network boundary, unless external parties require service.
Restricting access to the network may prevent an attacker from listening to SQL requests from clients. If possible ensure that trusted sources have access to the internal network.

Microsoft has released a patch in order to address this issue.



The discovery of this vulnerability has been credited to "Aaron C. Newman" <>

© 1995- Symantec Corporation

Permission to redistribute this alert electronically is granted as long as it is not edited in any way unless authorized by Symantec Security Response. Reprinting the whole or part of this alert in any medium other than electronically requires permission from


The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

Symantec, Symantec products, Symantec Security Response, and are registered trademarks of Symantec Corp. and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners.