SQL Injection Vulnerability in Microsoft SQL Server and MSDE 2000
CVE-2002-0645

Currently unrated

Key Information:

Vendor
Microsoft
Status
Sql Server
Data Engine
Vendor
CVE Published:
12 August 2002

Summary

An SQL injection vulnerability exists in Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000, which could enable authenticated users to execute arbitrary commands through flawed stored procedures. This flaw poses a significant risk, potentially allowing unauthorized access to sensitive data and system integrity violations. Proper patching and security measures should be enforced to mitigate these risks.

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2002-0645 : SQL Injection Vulnerability in Microsoft SQL Server and MSDE 2000 | SecurityVulnerability.io