Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4814

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4814
Last Modified 05 Feb 2009 01:30:25
Published 11 Sep 2007 03:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4814

Summary

Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.

Vulnerable Systems

Application

  • Microsoft Sql Server 2005


References

BID - 25594

BUGTRAQ - 20070907 Microsoft SQL Server Distributed Management Objects OLE DLL for SQL Enterprise Manager (sqldmo.dll) remote buffer overflow poc

MILW0RM - 4398

MILW0RM - 4379

MISC - http://retrogod.altervista.org/microsoft_sqldmo.html

XF - mssql-sqldmo-bo(36509)

OSVDB - 38399

SREASON - 3112


Last Updated: 27 May 2016 10:45:58