microsoft data engine 2000 vulnerabilities and exploits

(subscribe to this query)

The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to cause a d...

Microsoft Data Engine 2000 Microsoft Sql Server 2000 Microsoft Sql Server 7.0 Microsoft Data Engine 1.0

1 EDB exploit

Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows malicious users to execute arbitrary code via a long SourceDB argument...

Microsoft Data Engine 1.0 Microsoft Data Engine 2000 Microsoft Sql Server 7.0 Microsoft Sql Server 2000

Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute arbitrary code.

Microsoft Data Engine 2000 Microsoft Sql Server 2000

1 EDB exploit

SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.

Microsoft Data Engine 2000 Microsoft Sql Server 2000

Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote malicious users to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL...

Microsoft Data Engine 2000 Microsoft Sql Server 2000

2 EDB exploits

Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote malicious users to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.

Microsoft Sql Server 2000 Microsoft Data Engine 2000

2 EDB exploits

Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote malicious users to gain privileges via a malformed Select statement in an SQL query.

Microsoft Data Engine 1.0 Microsoft Sql Server 7.0

SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memo...

Microsoft Data Engine 1.0 Microsoft Sql Server 7.0 Microsoft Sql Server 2000 Microsoft Sql Server 2005 Microsoft Sql Server Desktop Engine 2000 Microsoft Wmsde 2000 Microsoft Wyukon

Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users ...

Microsoft Sql Server 7.0 Microsoft Sql Server 2000 Microsoft Sql Server 2005 Microsoft Sql Server Desktop Engine 2000 Microsoft Data Engine 1.0 Microsoft Wmsde 2000 Microsoft Wyukon Microsoft Windows Server 2008

The installation of Microsoft Data Engine 1.0 (MSDE 1.0), and Microsoft SQL Server 2000 creates setup.iss files with insecure permissions and does not delete them after installation, which allows local users to obtain sensitive data, including weakly encrypted passwords, to gain ...

Microsoft Sql Server 7.0 Microsoft Data Engine 1.0 Microsoft Sql Server 2000

« PREV 1 2 3 4 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook