CVE-2002-1142

Microsoft MDAC <2.7 - Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2002-1142. PoCs published by Metasploit, including Metasploit module exploits/windows/iis/ms02_065_msadc.

AI-analyzed exploit summary This exploit targets a heap overflow vulnerability in Microsoft IIS MDAC msadcs.dll via an overly long 'Content-Type' string in the RDS DataStub. It achieves remote code execution by sending a maliciously crafted POST request to the /msadc/msadcs.dll endpoint.

Description

Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Components (MDAC) 2.1 through 2.6, and Internet Explorer 5.01 through 6.0, allows remote attackers to execute code via a malformed HTTP request to the Data Stub.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/19026

This exploit targets a heap overflow vulnerability in Microsoft IIS MDAC msadcs.dll via an overly long 'Content-Type' string in the RDS DataStub. It achieves remote code execution by sending a maliciously crafted POST request to the /msadc/msadcs.dll endpoint.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft IIS with MDAC 2.1 through 2.6
No auth needed
Prerequisites: Target server must expose /msadc/msadcs.dll · MDAC version 2.1 through 2.6 must be installed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/iis/ms02_065_msadc.rb

This Metasploit module exploits a heap overflow in Microsoft IIS MDAC msadcs.dll via an overly long 'Content-Type' string in the RDS DataStub, allowing arbitrary code execution. It targets multiple Windows 2000 configurations and uses a reverse TCP shell payload.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft IIS with MDAC 2.1-2.6
No auth needed
Prerequisites: Exposed /msadc/msadcs.dll endpoint · Vulnerable MDAC version (2.1-2.6)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11
Core References
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2730
Third Party Advisory mailing-list x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0082.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6214
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10669
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/542081
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3573
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.cert.org/advisories/CA-2002-33.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10659
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A294

Scores

EPSS 0.7600
EPSS Percentile 99.5%

Details

Status published
Products (7)
microsoft/data_access_components 2.1
microsoft/data_access_components 2.5
microsoft/data_access_components 2.6
microsoft/ie 6.0 sp1
microsoft/internet_explorer 5.0.1 (3 CPE variants)
microsoft/internet_explorer 5.5 (3 CPE variants)
microsoft/internet_explorer 6.0
Published Nov 29, 2002
Tracked Since Feb 18, 2026