CVE-2006-5559

EXPLOITED

Microsoft Data Access Components - Use-After-Free via ADODB.Connection Execute Method

Exploitation Summary

CVE-2006-5559 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including YAG KOHHA.

AI-analyzed exploit summary: This exploit triggers a denial-of-service (DoS) condition in Internet Explorer by causing an access violation via the 'ADODB.Connection' object's 'Execute' function. It leverages a large input string to overflow and crash the application.

Description

The Execute method in the ADODB.Connection 2.7 and 2.8 ActiveX control objects (ADODB.Connection.2.7 and ADODB.Connection.2.8) in the Microsoft Data Access Components (MDAC) 2.5 SP3, 2.7 SP1, 2.8, and 2.8 SP1 does not properly track freed memory when the second argument is a BSTR, which allows remote attackers to cause a denial of service (Internet Explorer crash) and possibly execute arbitrary code via certain strings in the second and third arguments.

Exploits (1)

exploitdb WORKING POC VERIFIED
by YAG KOHHA · html · dos · windows
https://www.exploit-db.com/exploits/2629

Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: Internet Explorer 6.0 on Windows XP SP1/SP2
No auth needed
Prerequisites: ActiveX enabled in Internet Explorer · Victim visits malicious webpage
devstral-2 · analyzed Feb 16, 2026

References (12)

Core References
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20704
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017127
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A214
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/22452
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA07-044A.html
Patch, US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/589272
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29837
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/31882
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0578

Scores

EPSS 0.7260
EPSS Percentile 98.8%

Details

VulnCheck KEV 2010-05-01
CWE CWE-20
Status published
Products (3)
microsoft/data_access_components 2.5 sp3
microsoft/data_access_components 2.8 sp1 (2 CPE variants)
microsoft/data_access_components 2.7 sp1
Published Oct 27, 2006
Tracked Since Feb 18, 2026