10
CVE-2002-0721
- EPSS 46.31%
- Veröffentlicht 05.09.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:58:00
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Data Engine Version1.0
Microsoft ≫ Data Engine Version2000
Microsoft ≫ Sql Server Version7.0
Microsoft ≫ Sql Server Version7.0 Updatesp1
Microsoft ≫ Sql Server Version7.0 Updatesp2
Microsoft ≫ Sql Server Version7.0 Updatesp3
Microsoft ≫ Sql Server Version7.0 Updatesp4
Microsoft ≫ Sql Server Version2000
Microsoft ≫ Sql Server Version2000 Updatesp1
Microsoft ≫ Sql Server Version2000 Updatesp2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 46.31% | 0.987 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
http://archives.neohapsis.com/archives/ntbugtraq/2002-q3/0087.html
http://marc.info/?l=bugtraq&m=102950473002959&w=2
http://marc.info/?l=ntbugtraq&m=102950792606475&w=2
http://www.kb.cert.org/vuls/id/399531
http://www.kb.cert.org/vuls/id/818939
http://www.kb.cert.org/vuls/id/939675
http://www.ngssoftware.com/advisories/mssql-esppu.txt
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-043