CVE-2011-0027
Microsoft Data Access Components (MDAC) <2.8 SP1 & WDAC 6.0 - RCE
Title source: llmDescription
Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2, and Windows Data Access Components (WDAC) 6.0, does not properly validate memory allocation for internal data structures, which allows remote attackers to execute arbitrary code, possibly via a large CacheSize property that triggers an integer wrap and a buffer overflow, aka "ADO Record Memory Vulnerability." NOTE: this might be a duplicate of CVE-2010-1117 or CVE-2010-1118.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Peter Vreugdenhil · htmlremotewindows
https://www.exploit-db.com/exploits/15984
References (11)
Scores
EPSS
0.6761
EPSS Percentile
98.6%
Details
CWE
CWE-20
Status
published
Products (2)
microsoft/data_access_components
2.8 sp1 (2 CPE variants)
microsoft/windows_data_access_components
6.0
Published
Jan 12, 2011
Tracked Since
Feb 18, 2026