CVE-1999-1011

Description

The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.

Affected products

• Microsoft / data_access_components1.5 – 1.5
• Microsoft / data_access_components2.0 – 2.0
• Microsoft / data_access_components2.1 – 2.1
• Microsoft / index_server2.0 – 2.0
• Microsoft / internet_information_server3.0 – 3.0
• Microsoft / internet_information_server4.0 – 4.0
• Microsoft / site_server3.0 – 3.0

References

• MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-025
• MISChttps://www.securityfocus.com/bid/529
• MISChttp://www.osvdb.org/272
• MISChttp://www.ciac.org/ciac/bulletins/j-054.shtml
• MISChttps://docs.microsoft.com/en-us/security-updates/securitybulletins/1998/ms98-004