Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop Engine (MSDE) 2000, allows malicious users to execute arbitrary code via a long SourceDB argument in a "non-SQL OLEDB data source" such as FoxPro, a variant of CAN-2002-0644.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft data engine 1.0 |
||
microsoft data engine 2000 |
||
microsoft sql server 7.0 |
||
microsoft sql server 2000 |