PT-2002-1680 · Microsoft · Desktop Engine (Msde) 2000+1

Published

2002-07-26

Updated

2018-10-12

CVE-2002-0644

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Microsoft SQL Server 2000 Microsoft Desktop Engine (MSDE) 2000

Description A buffer overflow issue exists in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000. This issue allows members of the db owner and db ddladmin roles to execute arbitrary code.

Recommendations For Microsoft SQL Server 2000, apply the necessary security patches to fix the buffer overflow issue in DBCCs. For Microsoft Desktop Engine (MSDE) 2000, apply the necessary security patches to fix the buffer overflow issue in DBCCs. As a temporary workaround, consider restricting the db owner and db ddladmin roles to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0644

Affected Products

Desktop Engine (Msde) 2000

Sql Server 2000

PT-2002-1680 · Microsoft · Desktop Engine (Msde) 2000+1

CVE-2002-0644

Related Identifiers

Affected Products

References · 3