Vulnerabilities > CVE-2002-0641 - Unspecified vulnerability in Microsoft Msde and SQL Server

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
microsoft
NVD
Published: 2002-07-23
Updated: 2024-11-20

Summary

Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query.

Vulnerable Configurations

Part Description Count
Application
Microsoft
2

Oval

accepted2014-06-23T04:07:47.100-04:00
classvulnerability
contributors
  • nameYi-Fang Koh
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameIngrid Skoog
    organizationThe MITRE Corporation
  • nameJerome Athias
    organizationMcAfee, Inc.
descriptionBuffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query.
familywindows
idoval:org.mitre.oval:def:316
statusaccepted
submitted2003-10-10T12:00:00.000-04:00
titleMS SQL Server Bulk Insert Procedure Buffer Overflow
version4

References