Vulnerability Details CVE-2003-0232
Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.041
EPSS Ranking 89.5%
CVSS Severity
CVSS v2 Score 7.2
References
- http://www.atstake.com/research/advisories/2003/a072303-3.txt
- http://www.kb.cert.org/vuls/id/584868
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-031
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A303
- http://www.atstake.com/research/advisories/2003/a072303-3.txt
- http://www.kb.cert.org/vuls/id/584868
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-031
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A303
Products affected by CVE-2003-0232
-
cpe:2.3:a:microsoft:data_engine:1.0
-
cpe:2.3:a:microsoft:sql_server:2000
-
cpe:2.3:a:microsoft:sql_server:7.0