CVE-1999-1011

CVSS 10.0 - HIGH

Description

The Remote Data Service (RDS) DataFactory component of Microsoft Data Access Components (MDAC) in IIS 3.x and 4.x exposes unsafe methods, which allows remote attackers to execute arbitrary commands.

Affected Products

7

Vendor	Product	Version
microsoft	data_access_components	`1.5`
microsoft	data_access_components	`2.0`
microsoft	data_access_components	`2.1`
microsoft	index_server	`2.0`
microsoft	internet_information_server	`3.0`
microsoft	internet_information_server	`4.0`
microsoft	site_server	`3.0`

References

http://www.ciac.org/ciac/bulletins/j-054.shtml

http://www.osvdb.org/272

https://docs.microsoft.com/en-us/security-updates/...

https://docs.microsoft.com/en-us/security-updates/...

https://www.securityfocus.com/bid/529

http://www.ciac.org/ciac/bulletins/j-054.shtml

http://www.osvdb.org/272

https://docs.microsoft.com/en-us/security-updates/...

https://docs.microsoft.com/en-us/security-updates/...

https://www.securityfocus.com/bid/529

Weakness Types

CWE-264

CVE Information

CVE ID:: CVE-1999-1011
Published:: 1999-07-19
Modified:: 2026-04-16
CVSS Score:: 10.0
Severity:: HIGH
Vector:: AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected Vendors

microsoft

Quick Actions

View on NVD Find Similar CVEs

CVSS Severity Scale

0.0 - 3.9 LOW

4.0 - 6.9 MEDIUM

7.0 - 8.9 HIGH

9.0 - 10.0 CRITICAL