Microsoft SQL Server 7.0 and 2000 Vulnerability in Job Output Handling
CVE-2002-1138

Currently unrated

Key Information:

Vendor

Microsoft
Status
Sql Server
Data Engine
Vendor
CVE Published:
11 October 2002

What is CVE-2002-1138?

Microsoft SQL Server 7.0 and 2000, along with its related Microsoft Data Engine products, exhibit a vulnerability in how output files for scheduled jobs are managed. The system writes these files using its own privileges rather than the privileges of the user who initiated the job. This oversight allows potential attackers to manipulate and overwrite system files, leading to possible unauthorized access and altered system integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.iss.net/security_center/static/10257.php
vdb-entryx_refsource_XF
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.ciac.org/ciac/bulletins/n-003.shtml
third-party-advisorygovernment-resourcex_refsource_CIAC

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.