microsoft sql server 2000 vulnerabilities and exploits

(subscribe to this query)

Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote malicious users to cause a denial of service or execute arbitrary code via a database query with certain long arguments.

Microsoft Sql Server 7.0 Microsoft Sql Server 2000

Buffer overflow in SQL Server 7.0 and 2000 allows remote malicious users to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.

Microsoft Sql Server 2000 Microsoft Sql Server 7.0

Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote malicious users to inject arbitrary web script or HTML via an unspecified p...

Microsoft Sql Server 2005 Microsoft Sql Server 2008 Microsoft Sql Server 2012 Microsoft Sql Server Reporting Services 2000

The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an malicious user to gain privileges by updating a webtask that i...

Microsoft Sql Server 7.0 Microsoft Sql Server 2000 Microsoft Data Engine 1.0 Microsoft Data Engine 2000

Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execre...

Microsoft Sql Server 2000 Microsoft Data Engine 1.0 Microsoft Data Engine 2000 Microsoft Sql Server 7.0

1 EDB exploit

The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user ...

Microsoft Data Engine 1.0 Microsoft Data Engine 2000 Microsoft Sql Server 2000 Microsoft Sql Server 7.0

The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to cause a d...

Microsoft Data Engine 2000 Microsoft Sql Server 2000 Microsoft Sql Server 7.0 Microsoft Data Engine 1.0

1 EDB exploit

The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to cau...

Microsoft Data Engine 1.0 Microsoft Data Engine 2000 Microsoft Sql Server 2000 Microsoft Sql Server 7.0

1 EDB exploit

The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to c...

Microsoft Sql Server 7.0 Microsoft Data Engine 1.0 Microsoft Data Engine 2000 Microsoft Sql Server 2000

1 EDB exploit

The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to caus...

Microsoft Data Engine 1.0 Microsoft Data Engine 2000 Microsoft Sql Server 2000 Microsoft Sql Server 7.0

« PREV 1 2 3 4 5 6 7 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook