2.2.3.8

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

protegrity

critical

NVD

Published: 2003-03-18

Updated: 2016-10-18

Summary

Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select.

Vulnerable Configurations

Part	Description	Count
Application	Protegrity Protegrity Secure.Data 2.2.3.7 Protegrity Secure.Data 2.2.3.8	2

References

http://marc.info/?l=bugtraq&m=104758650516677&w=2
http://secunia.com/advisories/8294
http://www.kb.cert.org/vuls/id/247545
http://www.securityfocus.com/bid/7083
http://www.securityfocus.com/bid/7084
http://www.securityfocus.com/bid/7085