Microsoft

Sql Server

107 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2002-0721

  • EPSS 54.35%
  • Veröffentlicht 05.09.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrato...

7.5

CVE-2002-0859

  • EPSS 39.23%
  • Veröffentlicht 05.09.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.

7.5

CVE-2002-0644

  • EPSS 9.07%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code.

7.5

CVE-2002-0645

  • EPSS 1.99%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.

7.5

CVE-2002-0649

  • EPSS 86.64%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 ...

5

CVE-2002-0650

  • EPSS 25.23%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The keep-alive mechanism for Microsoft SQL Server 2000 allows remote attackers to cause a denial of service (bandwidth consumption) via a "ping" style packet to the Resolution Service (UDP port 1434) with a spoofed IP address of another SQL Server sy...

5

CVE-2002-0729

  • EPSS 15.63%
  • Veröffentlicht 12.08.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Microsoft SQL Server 2000 allows remote attackers to cause a denial of service via a malformed 0x08 packet that is missing a colon separator.

7.5

CVE-2002-0624

  • EPSS 7.2%
  • Veröffentlicht 23.07.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authenticat...

7.5

CVE-2002-0641

  • EPSS 16.41%
  • Veröffentlicht 23.07.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSER...

7.2

CVE-2002-0642

  • EPSS 75.06%
  • Veröffentlicht 23.07.2002 04:00:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

The registry key containing the SQL Server service account information in Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, has insecure permissions, which allows local users to gain privileges, aka "Incorrect Perm...