Microsoft » Sql Server » 7.0 sp4 : Security Vulnerabilities, CVEs, Published In 2002 (Overflow)
Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data source" such as FoxPro, a variant of CAN-2002-0644.
Max CVSS
7.5
EPSS Score
1.44%
Published
2002-10-11
Updated
2018-10-12
Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
Max CVSS
7.5
EPSS Score
9.27%
Published
2002-03-08
Updated
2018-10-12
2 vulnerabilities found