Buffer Overflow Vulnerability in Microsoft SQL Server and MSDE
CVE-2003-0232

Currently unrated

Key Information:

Vendor
Microsoft
Status
Sql Server
Data Engine
Vendor
CVE Published:
27 August 2003

Summary

Microsoft SQL Server 7, 2000, and MSDE have a vulnerability that allows local users to exploit the Local Procedure Calls (LPC) port to execute arbitrary code. This security issue arises from insufficient validation of input during the handling of requests through LPC, which can lead to a buffer overflow situation. Successfully exploiting this vulnerability might allow local users to execute unauthorized commands or gain elevated privileges on the affected server.

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.kb.cert.org/vuls/id/584868
third-party-advisoryx_refsource_CERT-VN
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2003-0232 : Buffer Overflow Vulnerability in Microsoft SQL Server and MSDE | SecurityVulnerability.io