Vulnerabilities > CVE-2002-0056 - Unspecified vulnerability in Microsoft SQL Server 2000/7.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.

Vulnerable Configurations

Part Description Count
Application
Microsoft
2

Oval

accepted2005-10-19T05:47:00.000-04:00
classvulnerability
contributors
  • nameYi-Fang Koh
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameChristine Walzer
    organizationThe MITRE Corporation
  • nameChristine Walzer
    organizationThe MITRE Corporation
descriptionBuffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
familywindows
idoval:org.mitre.oval:def:271
statusaccepted
submitted2003-10-10T12:00:00.000-04:00
titleSQL Server OpenDataSource/OpenRowset Buffer Overflow
version3