Microsoft has release a security update for the Microsoft Data Access Components
Software: Microsoft Data Access Components (MDAC) 2.1, Microsoft Data Access Components (MDAC) 2.5, Microsoft Data Access Components (MDAC) 2.6, Microsoft Internet Explorer 5.01, Microsoft Internet Explorer 5.5, and Microsoft Internet Explorer 6.0Read more
Impact: Run code of attacker's choice
Max Risk: Critical
Bulletin: MS02-065
The vulnerability results because of an unchecked buffer in the Data Stub. By sending a specially malformed HTTP request to the Data Stub, an attacker could cause data of his or her choice to overrun onto the heap. Although heap overruns are typically more difficult to exploit than the more-common stack overrun, Microsoft has confirmed that in this case it would be possible to exploit the vulnerability to run code of the attacker's choice on the user's system.
