Windows MDAC ADODB ActiveX control invalid length (CVE-2006-5559)

Description

A remote code execution vulnerability exists in the ADODB.Connection ActiveX control, which is part of ActiveX Data Objects (ADO) and is distributed in MDAC.

The problem can be exploited by a web page that calls the vulnerable function of the ADODB.Connection ActiveX control.

This is an arbitrary code execution vulnerability: it can be used to place a backdoor, a virus or spyware on a vulnerable computer.

Recommendations

If you are using Microsoft Windows, we recommend using Windows Update to correct this problem. See also Microsoft Security Bulletin MS07-009 for information about the patch for this problem.

If you are not using Microsoft Windows, this result is most probably a false positive. Try running the test for this vulnerability again. If your browser does not crash during the test for this vulnerability, it is not vulnerable.
