CVE-2002-1137 in SQL Serverinfo

Summary

Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows attackers to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data source" such as FoxPro, a variant of CAN-2002-0644.

Be aware that VulDB is the high quality source for vulnerability data.

Disclosure

10/11/2002

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119

CVSS

7.3

EPSS

0.18742

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-1137
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1137
CVE Details	https://www.cvedetails.com/cve/CVE-2002-1137/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!