Buffer Overflow Vulnerability in SQL Server and MSDE by Microsoft
CVE-2000-1084

Currently unrated

Key Information:

Vendor

Microsoft
Status
Sql Server
Data Engine
Vendor
CVE Published:
9 January 2001

What is CVE-2000-1084?

The vulnerability arises from the xp_updatecolvbm function in SQL Server and MSDE failing to adequately restrict buffer length during the srv_paraminfo function call. This design flaw enables attackers to exploit the system, leading to potential denial of service or unauthorized execution of arbitrary commands through Extended Stored Procedures. The affected systems are put at risk, necessitating urgent patching and mitigation strategies to safeguard against exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://marc.info/?l=bugtraq&m=97570878710037&w=2
vendor-advisoryx_refsource_ATSTAKE
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securityfocus.com/bid/2039
vdb-entryx_refsource_BID

EPSS Score

43% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.