7.5
CVE-2001-0542
- EPSS 13.62%
- Veröffentlicht 20.12.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:54:29
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Sql Server Version7.0
Microsoft ≫ Sql Server Version2000
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 13.62% | 0.96 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://marc.info/?l=bugtraq&m=100891252317406&w=2
http://www.atstake.com/research/advisories/2001/a122001-1.txt
http://www.kb.cert.org/vuls/id/700575
http://www.securityfocus.com/bid/3733
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-060
https://exchange.xforce.ibmcloud.com/vulnerabilities/7724
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A83