SQL Injection Vulnerability in Microsoft SQL Server and MSDE
CVE-2000-0202

Currently unrated

Key Information:

Vendor: Microsoft
Status: Sql Server; Data Engine
Vendor: CVE Published:; 8 March 2000

What is CVE-2000-0202?

A vulnerability in Microsoft SQL Server 7.0 and MSDE 1.0 allows remote attackers to exploit a malformed SELECT statement within an SQL query. This flaw can enable attackers to gain unauthorized privileges, potentially compromising the database security and integrity. Organizations using these versions must address this vulnerability to safeguard against unauthorized access and exploitation.

References

http://www.securityfocus.com/bid/1041

vdb-entryx_refsource_BID

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

12% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Mar 22, 2000
Vulnerability published
Mar 8, 2000