Lucene search

[email protected]CVE-2002-0859

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0859

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

cve-2002-0859

buffer overflow

jet engine

microsoft sql server 2000

remote code execution

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.183 Low

EPSS

Percentile

96.2%

JSON

Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.

Affected configurations

NVD

Node

microsoftjetMatch4.0

microsoftjetMatch4.0sp1

microsoftjetMatch4.0sp2

microsoftjetMatch4.0sp3

microsoftjetMatch4.0sp4

microsoftjetMatch4.0sp5

microsoftsql_serverMatch2000

microsoftsql_serverMatch2000sp1

microsoftsql_serverMatch2000sp2

CPENameOperatorVersion
microsoft:jetmicrosoft jeteq4.0
microsoft:sql_servermicrosoft sql servereq2000

CPE	Name	Operator	Version
microsoft:jet	microsoft jet	eq	4.0
microsoft:sql_server	microsoft sql server	eq	2000

References

marc.info/?l=bugtraq&m=102450188620081&w=2

support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ282010

www.iss.net/security_center/static/9375.php

www.nextgenss.com/advisories/mssql-ods.txt

www.securityfocus.com/bid/5057

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.4 High

AI Score

Confidence

Low

0.183 Low

EPSS

Percentile

96.2%

JSON

Related for CVE-2002-0859

cvelist1 nvd1