National Cyber-Alert System
Vulnerability Summary: CVE-1999-1011
Orirignal release date: 1999-07-19
Source: US-CERT/NIST

Overview

    The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.

Impact

    CVSS Severity: 10 (High)
    Range: remote
    Authentication: access,design
    Impact Type: sec_prot admin="1"

Reference to Advisories, Solutions, and Tools

Vulnerable Software and Vendor

    IIS (Microsoft)
    MDAC (Microsoft)
    Index Server (Microsoft)
    Site Server (Microsoft)

Technical Details

CVE Standard Vulnerability Entry: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1011