Buffer Overflow Vulnerability in Microsoft SQL Server 2005 by Microsoft
CVE-2008-0106

Currently unrated

Key Information:

Vendor
Microsoft
Status
Sql Server Desktop Engine
Sql Server Express Edition
Sql Server
Data Engine
Vendor
CVE Published:
8 July 2008

Summary

A buffer overflow vulnerability exists in Microsoft SQL Server 2005 and its Express Edition variants that allows remote authenticated users to execute arbitrary code. This is accomplished through a specially crafted insert statement, which can exploit the overflow and lead to unauthorized access and execution of arbitrary commands on the server. Proper mitigation strategies and updates are essential to safeguard against potential exploitation.

References

http://www.securitytracker.com/id?1020441
vdb-entryx_refsource_SECTRACK
http://secunia.com/advisories/30970
third-party-advisoryx_refsource_SECUNIA
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_re...
x_refsource_CONFIRM

EPSS Score

72% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2008-0106 : Buffer Overflow Vulnerability in Microsoft SQL Server 2005 by Microsoft | SecurityVulnerability.io