Vulnerabilities > CVE-2002-0056 - Unspecified vulnerability in Microsoft SQL Server 2000/7.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Oval
accepted | 2005-10-19T05:47:00.000-04:00 | ||||||||||||||||||||
class | vulnerability | ||||||||||||||||||||
contributors |
| ||||||||||||||||||||
description | Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection. | ||||||||||||||||||||
family | windows | ||||||||||||||||||||
id | oval:org.mitre.oval:def:271 | ||||||||||||||||||||
status | accepted | ||||||||||||||||||||
submitted | 2003-10-10T12:00:00.000-04:00 | ||||||||||||||||||||
title | SQL Server OpenDataSource/OpenRowset Buffer Overflow | ||||||||||||||||||||
version | 3 |
References
- http://marc.info/?l=bugtraq&m=101422555428036&w=2
- http://marc.info/?l=bugtraq&m=101422555428036&w=2
- http://marc.info/?l=vuln-dev&m=101413924631329&w=2
- http://marc.info/?l=vuln-dev&m=101413924631329&w=2
- http://www.kb.cert.org/vuls/id/619707
- http://www.kb.cert.org/vuls/id/619707
- http://www.securityfocus.com/bid/4135
- http://www.securityfocus.com/bid/4135
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-007
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-007
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A271
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A271