1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: MDAC RDS Dataspace Code Execution

Web Attack: MDAC RDS Dataspace Code Execution

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability using the RDS.DataSpace Objects.

Additional Information

Microsoft Data Access Components (MDAC) provide components for database access, including functionality for querying local and remote databases of various formats.

The MDAC RDS.Dataspace ActiveX control is prone to a remote code execution vulnerability. This issue exists because the control fails to behave securely when it is hosted on a web page. Sufficient restrictions are not placed on the control to prevent it from performing privileged actions when hosted remotely.

An attacker could exploit this issue to install programs, view, modify, or delete data, or create new user accounts on the computer.

Affected

  • Hitachi DA Broker for ODBC 01-00, 01-02
  • Hitachi DBPARTNER ODBC 01-00, 01-03, 01-06, 01-11
  • Hitachi DBPARTNER2 Client 01-05, 01-12
  • Hitachi HITSENSER5 01-00, 01-10, 02-80
  • Microsoft MDAC 2.5 SP3, 2.7, 2.7 SP1, 2.8
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube