CVE-2006-0003

EXPLOITED

Microsoft Data Access Components 2.7-2.8 - Remote Code Execution via RDS.Dataspace ActiveX Control

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2006-0003 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 3 public exploits from researchers including H D Moore, redsand.

AI-analyzed exploit summary This is a Metasploit module that exploits a vulnerability in Internet Explorer by abusing vulnerable ActiveX objects to achieve remote code execution. It generates an HTML page that attempts to create various ActiveX objects and download/execute a payload.

Description

Unspecified vulnerability in the RDS.Dataspace ActiveX control, which is contained in ActiveX Data Objects (ADO) and distributed in Microsoft Data Access Components (MDAC) 2.7 and 2.8, allows remote attackers to execute arbitrary code via unknown attack vectors.

Exploits (3)

exploitdb WORKING POC VERIFIED
by H D Moore · remotewindows
https://www.exploit-db.com/exploits/2164

This is a Metasploit module that exploits a vulnerability in Internet Explorer by abusing vulnerable ActiveX objects to achieve remote code execution. It generates an HTML page that attempts to create various ActiveX objects and download/execute a payload.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Internet Explorer (various versions)
No auth needed
Prerequisites: Victim must visit a malicious webpage · ActiveX controls must be enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by redsand · bashremotewindows
https://www.exploit-db.com/exploits/2052

This exploit leverages CVE-2006-0003 (MS06-014) to achieve remote code execution via a crafted HTML file with VBScript. It downloads and executes a payload from a specified URL using ADODB.Stream and Shell.Application objects.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Microsoft Internet Explorer (RDS.DataSpace ActiveX Control)
No auth needed
Prerequisites: Victim must visit a malicious webpage · Payload must be hosted on the same domain
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
rubyremotewindows
https://www.exploit-db.com/exploits/16561

This is a functional Metasploit exploit module targeting CVE-2006-0003, which abuses vulnerable ActiveX objects in Internet Explorer to achieve remote code execution. It uses multiple CLSIDs to create objects and execute arbitrary commands via WScript.Shell.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Internet Explorer (versions up to 6.0, depending on patch level)
No auth needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Vulnerable ActiveX controls must be present and not patched
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (29)

Core 29
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19583
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/2452
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/475108/100/100/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487216/100/200/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487219/100/200/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/475104/100/100/threaded
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1323
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20797
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1015894
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/25006
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1511
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA06-101A.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/17462
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2164
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1778
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/2052
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/20719
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1204
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/234812
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/data/vulnerabilities/exploits/0day_ie.pdf
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/1319
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/475490/100/100/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/24517
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29915
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/475118/100/100/threaded
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1742

Scores

EPSS 0.9160
EPSS Percentile 99.7%

Details

VulnCheck KEV 2010-05-01
Status published
Products (3)
microsoft/data_access_components 2.5 sp3
microsoft/data_access_components 2.7 (2 CPE variants)
microsoft/data_access_components 2.8 (3 CPE variants)
Published Apr 12, 2006
Tracked Since Feb 18, 2026