Lucene search

[email protected]NVD:CVE-2002-0695

HistoryAug 12, 2002 - 4:00 a.m.

CVE-2002-0695

2002-08-1204:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

Low

EPSS

0.074

Percentile

94.1%

JSON

Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.

Affected configurations

Nvd

Node

microsoftdata_access_componentsMatch1.5

microsoftdata_access_componentsMatch2.0

microsoftdata_access_componentsMatch2.1

microsoftdata_access_componentsMatch2.1.1.3711.11ga

microsoftdata_access_componentsMatch2.5

microsoftdata_access_componentsMatch2.5gold

microsoftdata_access_componentsMatch2.5sp1

microsoftdata_access_componentsMatch2.5sp2

microsoftdata_access_componentsMatch2.6

microsoftdata_access_componentsMatch2.6gold

microsoftdata_access_componentsMatch2.6sp1

microsoftdata_access_componentsMatch2.6sp2

microsoftdata_access_componentsMatch2.7

microsoftdata_access_componentsMatch2.7gold

microsoftdata_access_componentsMatch2.12.4202.3

microsoftmicrosoft_data_access_componentsMatch2.12.4292.3_ga_clean

VendorProductVersionCPE
microsoftdata_access_components1.5cpe:2.3:a:microsoft:data_access_components:1.5:*:*:*:*:*:*:*
microsoftdata_access_components2.0cpe:2.3:a:microsoft:data_access_components:2.0:*:*:*:*:*:*:*
microsoftdata_access_components2.1cpe:2.3:a:microsoft:data_access_components:2.1:*:*:*:*:*:*:*
microsoftdata_access_components2.1.1.3711.11cpe:2.3:a:microsoft:data_access_components:2.1.1.3711.11:ga:*:*:*:*:*:*
microsoftdata_access_components2.5cpe:2.3:a:microsoft:data_access_components:2.5:*:*:*:*:*:*:*
microsoftdata_access_components2.5cpe:2.3:a:microsoft:data_access_components:2.5:gold:*:*:*:*:*:*
microsoftdata_access_components2.5cpe:2.3:a:microsoft:data_access_components:2.5:sp1:*:*:*:*:*:*
microsoftdata_access_components2.5cpe:2.3:a:microsoft:data_access_components:2.5:sp2:*:*:*:*:*:*
microsoftdata_access_components2.6cpe:2.3:a:microsoft:data_access_components:2.6:*:*:*:*:*:*:*
microsoftdata_access_components2.6cpe:2.3:a:microsoft:data_access_components:2.6:gold:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	data_access_components	1.5	cpe:2.3:a:microsoft:data_access_components:1.5:::::::*
microsoft	data_access_components	2.0	cpe:2.3:a:microsoft:data_access_components:2.0:::::::*
microsoft	data_access_components	2.1	cpe:2.3:a:microsoft:data_access_components:2.1:::::::*
microsoft	data_access_components	2.1.1.3711.11	cpe:2.3:a:microsoft:data_access_components:2.1.1.3711.11:ga::::::
microsoft	data_access_components	2.5	cpe:2.3:a:microsoft:data_access_components:2.5:::::::*
microsoft	data_access_components	2.5	cpe:2.3:a:microsoft:data_access_components:2.5:gold::::::
microsoft	data_access_components	2.5	cpe:2.3:a:microsoft:data_access_components:2.5:sp1::::::
microsoft	data_access_components	2.5	cpe:2.3:a:microsoft:data_access_components:2.5:sp2::::::
microsoft	data_access_components	2.6	cpe:2.3:a:microsoft:data_access_components:2.6:::::::*
microsoft	data_access_components	2.6	cpe:2.3:a:microsoft:data_access_components:2.6:gold::::::

Rows per page:

1-10 of 161

References

www.iss.net/security_center/static/9734.php

www.nextgenss.com/advisories/mssql-ors.txt

www.securityfocus.com/bid/5372

docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-040

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

Low

EPSS

0.074

Percentile

94.1%

JSON

Related for NVD:CVE-2002-0695

cvelist1 cve1 nessus1