Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft sql server 2000 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0056
Buffer overflow in SQL Server 7.0 and 2000 allows remote malicious users to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
7.5
CVSSv2
CVE-2001-0542
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified ...
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
4.3
CVSSv2
CVE-2012-2552
Cross-site scripting (XSS) vulnerability in the SQL Server Report Manager in Microsoft SQL Server 2000 Reporting Services SP2 and SQL Server 2005 SP4, 2008 SP2 and SP3, 2008 R2 SP1, and 2012 allows remote malicious users to inject arbitrary web script or HTML via an unspecified p...
Microsoft Sql Server 2005
Microsoft Sql Server 2008
Microsoft Sql Server 2012
Microsoft Sql Server Reporting Services 2000
10
CVSSv2
CVE-2002-0721
Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execre...
Microsoft Sql Server 2000
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 7.0
1 EDB exploit
4.6
CVSSv2
CVE-2000-1082
The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to caus...
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
10
CVSSv2
CVE-2002-1145
The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, Microsoft Data Engine (MSDE) 1.0, and Microsoft Desktop Engine (MSDE) 2000 can be executed by PUBLIC, which allows an malicious user to gain privileges by updating a webtask that i...
Microsoft Sql Server 7.0
Microsoft Sql Server 2000
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
7.5
CVSSv2
CVE-2002-1137
Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows malicious users to execute arbitrary code via a long SourceDB argument...
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 7.0
Microsoft Sql Server 2000
7.5
CVSSv2
CVE-2002-1138
Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, writes output files for scheduled jobs under its own privileges instead of the entity that launched it, which allows malicious users to overwrite system files, ...
Microsoft Sql Server 7.0
Microsoft Data Engine 2000
Microsoft Sql Server 2000
Microsoft Data Engine 1.0
4.6
CVSSv2
CVE-2000-1088
The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user t...
Microsoft Data Engine 2000
Microsoft Sql Server 2000
Microsoft Sql Server 7.0
Microsoft Data Engine 1.0
4.6
CVSSv2
CVE-2000-1081
The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an malicious user to c...
Microsoft Sql Server 7.0
Microsoft Data Engine 1.0
Microsoft Data Engine 2000
Microsoft Sql Server 2000
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »