CVE-2008-0086

Currently unrated

Key Information:

Vendor
Microsoft
Status
Sql Server Desktop Engine
Sql Server Express Edition
Sql Server
Data Engine
Vendor
CVE Published:
8 July 2008

Summary

Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression.

References

http://www.securitytracker.com/id?1020441
vdb-entryx_refsource_SECTRACK
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL
http://secunia.com/advisories/30970
third-party-advisoryx_refsource_SECUNIA

EPSS Score

95% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.