Lucene search

[email protected]CVE-2007-4814

HistorySep 11, 2007 - 7:17 p.m.

CVE-2007-4814

2007-09-1119:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-4814

buffer overflow

sqlserver

activex control

remote code execution

nvd

microsoft sql server enterprise manager

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.685 Medium

EPSS

Percentile

98.0%

JSON

Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.

Affected configurations

NVD

Node

microsoftsql_serverMatch2005sp2

CPENameOperatorVersion
microsoft:sql_servermicrosoft sql servereq2005

CPE	Name	Operator	Version
microsoft:sql_server	microsoft sql server	eq	2005

References

retrogod.altervista.org/microsoft_sqldmo.html

securityreason.com/securityalert/3112

www.osvdb.org/38399

www.securityfocus.com/archive/1/478822/100/0/threaded

www.securityfocus.com/bid/25594

exchange.xforce.ibmcloud.com/vulnerabilities/36509

www.exploit-db.com/exploits/4379

www.exploit-db.com/exploits/4398

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8 High

AI Score

Confidence

Low

0.685 Medium

EPSS

Percentile

98.0%

JSON

Related for CVE-2007-4814

cvelist1 saint4 nvd1 prion1