Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2001-0879 | 5.0 |
Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service.
|
30-04-2019 - 14:27 | 20-12-2001 - 05:00 | |
CVE-2003-0231 | 5.0 |
Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe.
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
CVE-2003-0232 | 7.2 |
Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
CVE-2003-0230 | 7.2 |
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.
|
12-10-2018 - 21:32 | 27-08-2003 - 04:00 | |
CVE-2002-0641 | 7.5 |
Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSER
|
12-10-2018 - 21:31 | 23-07-2002 - 04:00 | |
CVE-2002-0154 | 7.5 |
Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments.
|
12-10-2018 - 21:31 | 16-05-2002 - 04:00 | |
CVE-2002-0624 | 7.5 |
Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authenticat
|
12-10-2018 - 21:31 | 23-07-2002 - 04:00 | |
CVE-2002-0056 | 7.5 |
Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
|
12-10-2018 - 21:30 | 08-03-2002 - 05:00 | |
CVE-2001-0542 | 7.5 |
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability repo
|
12-10-2018 - 21:30 | 20-12-2001 - 05:00 | |
CVE-2001-0344 | 7.2 |
An SQL query method in Microsoft SQL Server 2000 Gold and 7.0 using Mixed Mode allows local database users to gain privileges by reusing a cached connection of the sa administrator account.
|
12-10-2018 - 21:30 | 21-07-2001 - 04:00 |