Lucene search

[email protected]CVE-2002-0186

HistoryJul 03, 2002 - 4:00 a.m.

CVE-2002-0186

2002-07-0304:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2002-0186

microsoft sql server 2000

buffer overflow

sqlxml isapi

remote code execution

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.933 High

EPSS

Percentile

99.1%

JSON

Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data queries with a long content-type parameter, aka “Unchecked Buffer in SQLXML ISAPI Extension.”

CPENameOperatorVersion
microsoft:sql_servermicrosoft sql servereq2000

CPE	Name	Operator	Version
microsoft:sql_server	microsoft sql server	eq	2000

References

archives.neohapsis.com/archives/vulnwatch/2002-q2/0100.html

marc.info/?l=bugtraq&m=102397345410856&w=2

www.iss.net/security_center/static/9328.php

www.kb.cert.org/vuls/id/811371

www.osvdb.org/5347

www.securityfocus.com/bid/5004

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-030

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A484

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A489

8.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.933 High

EPSS

Percentile

99.1%

JSON

Related for CVE-2002-0186

cert1 securityvulns1 nessus1