cpe:/a:microsoft:data_access_components:2.8:sp1 cpe:/a:microsoft:data_access_components:2.8:sp2 cpe:/a:microsoft:windows_data_access_components:6.0 CVE-2012-1891 2012-07-10T17:55:06.150-04:00 2017-09-18T21:34:52.213-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2012-07-11T12:49:00.000-04:00 IAVM IAVM:2012-A-0107 MS MS12-045 CERT TA12-192A Heap-based buffer overflow in Microsoft Data Access Components (MDAC) 2.8 SP1 and SP2 and Windows Data Access Components (WDAC) 6.0 allows remote attackers to execute arbitrary code via crafted XML data that triggers access to an uninitialized object in memory, aka "ADO Cachesize Heap Overflow RCE Vulnerability."