CVE-2002-1138 in SQL Serverinfo

Summary

Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows attackers to overwrite system files, aka "Flaw in Output File Handling for Scheduled Jobs."

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Disclosure

10/11/2002

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-269

CVSS

7.3

EPSS

0.11402

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-1138
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1138
CVE Details	https://www.cvedetails.com/cve/CVE-2002-1138/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!