SQL Injection Vulnerability in Microsoft SQL Server and MSDE
CVE-2000-0202

Currently unrated

Key Information:

Vendor
Microsoft
Status
Sql Server
Data Engine
Vendor
CVE Published:
8 March 2000

Summary

A vulnerability in Microsoft SQL Server 7.0 and MSDE 1.0 allows remote attackers to exploit a malformed SELECT statement within an SQL query. This flaw can enable attackers to gain unauthorized privileges, potentially compromising the database security and integrity. Organizations using these versions must address this vulnerability to safeguard against unauthorized access and exploitation.

References

http://www.securityfocus.com/bid/1041
vdb-entryx_refsource_BID
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

12% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.
CVE-2000-0202 : SQL Injection Vulnerability in Microsoft SQL Server and MSDE | SecurityVulnerability.io