Lucene search

[email protected]CVE-2002-0641

HistoryJul 23, 2002 - 4:00 a.m.

CVE-2002-0641

2002-07-2304:00:00

[email protected]

web.nvd.nist.gov

microsoft sql server

buffer overflow

cve-2002-0641

security vulnerability

msde 2000

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.031 Low

EPSS

Percentile

91.0%

JSON

Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query.

Affected configurations

NVD

Node

microsoftmsdeMatch2000

microsoftsql_serverMatch2000

CPENameOperatorVersion
microsoft:msdemicrosoft msdeeq2000
microsoft:sql_servermicrosoft sql servereq2000

CPE	Name	Operator	Version
microsoft:msde	microsoft msde	eq	2000
microsoft:sql_server	microsoft sql server	eq	2000

References

marc.info/?l=bugtraq&m=102639885223746&w=2

www.kb.cert.org/vuls/id/682620

www.ngssoftware.com/advisories/ms-sqlbi.txt

www.securityfocus.com/bid/4847

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A316

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.031 Low

EPSS

Percentile

91.0%

JSON

Related for CVE-2002-0641

nvd1 cert1 cvelist1 securityvulns1 openvas1