Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0107

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2008-0107
Last Modified 26 Jan 2012 10:21:26
Published 08 Jul 2008 07:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-0107

Summary

Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows Server 2008

Application

  • Microsoft Data Engine 1.0

  • Microsoft Sql Server 2000

  • Microsoft Sql Server 2005

  • Microsoft Sql Server 7.0

  • Microsoft Sql Server Desktop Engine 2000

  • Microsoft Wmsde 2000

  • Microsoft Wyukon


References

CERT - TA08-190A

MS - MS08-040

VUPEN - ADV-2008-2022

CONFIRM - http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2011-0003.html

SECTRACK - 1020441

BID - 30119

BUGTRAQ - 20110211 VMSA-2011-0003 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

BUGTRAQ - 20080708 Re: [Full-disclosure] iDefense Security Advisory 07.08.08: Microsoft SQL Server Restore Integer Underflow Vulnerability

MISC - http://www.insomniasec.com/advisories/ISVA-080709.1.htm

SECUNIA - 30970

IDEFENSE - 20080708 Microsoft SQL Server Restore Integer Underflow Vulnerability


Last Updated: 27 May 2016 10:46:40