Buffer Overflow in Microsoft Data Access Components for SQL Server 7.0 and 2000
CVE-2002-0695

Currently unrated

Key Information:

Vendor: Microsoft
Status: Data Access Components; Microsoft Data Access Components
Vendor: CVE Published:; 12 August 2002

Summary

A buffer overflow vulnerability exists in the OpenRowSet component of Microsoft Data Access Components (MDAC) versions 2.5 through 2.7 for SQL Server 7.0 and 2000. This flaw allows remote attackers to execute arbitrary code by crafting a malicious T-SQL query that invokes the OpenRowSet command. If successfully exploited, attackers could gain unauthorized control over the affected system, making it crucial for users to apply security updates and mitigate potential risks.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securityfocus.com/bid/5372

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/9734.php

vdb-entryx_refsource_XF

EPSS Score

13% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 12, 2002
Vulnerability Reserved
Jul 12, 2002