Buffer Overflow Vulnerability in Microsoft SQL Server 2000
CVE-2002-0641

Currently unrated

Key Information:

Vendor
Microsoft
Status
Sql Server
Msde
Vendor
CVE Published:
23 July 2002

Summary

A buffer overflow vulnerability exists in the bulk insert procedure of Microsoft SQL Server 2000 and Microsoft SQL Server Desktop Engine (MSDE) 2000. This flaw allows attackers with database administration privileges to manipulate BULK INSERT queries by using excessively long filenames, potentially leading to the execution of arbitrary code. Proper security measures and patches should be applied to mitigate such risks.

References

http://www.ngssoftware.com/advisories/ms-sqlbi.txt
x_refsource_MISC
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.kb.cert.org/vuls/id/682620
third-party-advisoryx_refsource_CERT-VN

EPSS Score

16% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2002-0641 : Buffer Overflow Vulnerability in Microsoft SQL Server 2000 | SecurityVulnerability.io