Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Data_access_components | Microsoft | 1.5 (including) | 1.5 (including) |
| Data_access_components | Microsoft | 2.0 (including) | 2.0 (including) |
| Data_access_components | Microsoft | 2.1 (including) | 2.1 (including) |
| Data_access_components | Microsoft | 2.1.1.3711.11-ga (including) | 2.1.1.3711.11-ga (including) |
| Data_access_components | Microsoft | 2.5 (including) | 2.5 (including) |
| Data_access_components | Microsoft | 2.5-gold (including) | 2.5-gold (including) |
| Data_access_components | Microsoft | 2.5-sp1 (including) | 2.5-sp1 (including) |
| Data_access_components | Microsoft | 2.5-sp2 (including) | 2.5-sp2 (including) |
| Data_access_components | Microsoft | 2.6 (including) | 2.6 (including) |
| Data_access_components | Microsoft | 2.6-gold (including) | 2.6-gold (including) |
| Data_access_components | Microsoft | 2.6-sp1 (including) | 2.6-sp1 (including) |
| Data_access_components | Microsoft | 2.6-sp2 (including) | 2.6-sp2 (including) |
| Data_access_components | Microsoft | 2.7 (including) | 2.7 (including) |
| Data_access_components | Microsoft | 2.7-gold (including) | 2.7-gold (including) |
| Data_access_components | Microsoft | 2.12.4202.3 (including) | 2.12.4202.3 (including) |
| Microsoft_data_access_components | Microsoft | 2.12.4292.3_ga_clean (including) | 2.12.4292.3_ga_clean (including) |