CVE-2008-0106

Currently unrated

Key Information:

Vendor: Microsoft
Status: Sql Server Desktop Engine; Sql Server Express Edition; Sql Server; Data Engine
Vendor: CVE Published:; 8 July 2008

Summary

Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement.

References

http://www.securitytracker.com/id?1020441

vdb-entryx_refsource_SECTRACK

http://secunia.com/advisories/30970

third-party-advisoryx_refsource_SECUNIA

http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_re...

x_refsource_CONFIRM

EPSS Score

95% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 8, 2008
Vulnerability Reserved
Jan 7, 2008

Collectors

NVD DatabaseMitre Database