Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0695

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0695
Last Modified 10 Sep 2008 03:12:44
Published 12 Aug 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0695

Summary

Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.

Vulnerable Systems

Application

  • Microsoft Data Access Components 1.5

  • Microsoft Data Access Components 2.0

  • Microsoft Data Access Components 2.1

  • Microsoft Data Access Components 2.1.1.3711.11

  • Microsoft Data Access Components 2.12.4202.3

  • Microsoft Data Access Components 2.12.4292.3 Ga Clean

  • Microsoft Data Access Components 2.5

  • Microsoft Data Access Components 2.6

  • Microsoft Data Access Components 2.7


References

MS - MS02-040

MISC - http://www.nextgenss.com/advisories/mssql-ors.txt

BID - 5372

XF - mssql-mdac-openrowset-bo(9734)


Last Updated: 27 May 2016 10:37:02