CVE-2002-1123

EPSS 89.14%
Published 24.09.2002 04:00:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.

Affected products Warnungen 0 Metrics 2 CWE 0 References 9

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Data Engine Version2000

Microsoft ≫ Sql Server Version2000

Microsoft ≫ Sql Server Version2000 Updatesp1

Microsoft ≫ Sql Server Version2000 Updatesp2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	89.14%	0.995

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://marc.info/?l=bugtraq&m=102873609025020&w=2

http://online.securityfocus.com/archive/1/286220

http://www.ciac.org/ciac/bulletins/n-003.shtml

http://www.iss.net/security_center/static/9788.php

Vendor Advisory

http://www.securityfocus.com/bid/5411

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-056

https://nvd.nist.gov/vuln/detail/CVE-2002-1123

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-1123

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-1123

EUVD