ADODB.connection ActiveX Vulnerability

ISC made a very brief post about PoC code which was released exploiting a vulnerability in the ADODB.connection ActiveX control. (Do I get bored of writing about ActiveX all the time? Yes! Thanks for asking!) There's basically not much information about the vulnerability at this time but it appears to have been found as a 0day. The reason there hasn't been much said on it is that it is a DoS 0day as opposed to a remote execution PoC. Therefore I would expect to see more about this when someone releases the code-execution version.

But for now, the kill bit to set is 00000514-0000-0010-8000-00AA006D2EA4.

The main links are currently:

Link to the SecurityFocus vulnerability page which includes the PoC
MSRC blog post acknowledging the reports of it spreading in the wild
CVE-2006-5559