CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0056

Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.264

EPSS Ranking 96.0%

CVSS Severity

CVSS v2 Score 7.5

References

http://marc.info/?l=bugtraq&m=101422555428036&w=2
http://marc.info/?l=vuln-dev&m=101413924631329&w=2
http://www.kb.cert.org/vuls/id/619707
http://www.securityfocus.com/bid/4135
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-007
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A271
http://marc.info/?l=bugtraq&m=101422555428036&w=2
http://marc.info/?l=vuln-dev&m=101413924631329&w=2
http://www.kb.cert.org/vuls/id/619707
http://www.securityfocus.com/bid/4135
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-007
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A271

Products affected by CVE-2002-0056

Microsoft » Sql Server » Version: 2000

cpe:2.3:a:microsoft:sql_server:2000
Microsoft » Sql Server » Version: 7.0

cpe:2.3:a:microsoft:sql_server:7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0056

Products

Pricing

Contact Us