1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP ADODB RecordSet Buffer Overflow

HTTP ADODB RecordSet Buffer Overflow

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability using the ADODB.RecordSet control.

Additional Information

Microsoft Internet Explorer is prone to a denial-of-service vulnerability.

This issue occurs when the browser processes the 'NextRecordset' method of the 'ADODB.Recordset' object. An attacker can trigger this issue by calling the affected method with a long string. This can result in invalid memory access in the 'SysFreeString' function. A successful attack may cause the browser to fail.

Affected

  • Microsoft Internet Explorer 6.0, 6.0 SP1

Response

Upgrade to the latest version of Internet Explorer and ensure that all vendor supplied patches have been applied.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube