Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the
**sqldmo.dll** ActiveX control.
A buffer overflow vulnerability in the
**sqldmo.dll** ActiveX control allows command execution when a user opens a web page which calls the Start method with a long, specially crafted argument.
Set the kill bit for Class ID 10020200-E260-11CF-AE68-00AA004A34D5 as described in Microsoft Knowledge Base Article 240797.
Exploit works on Microsoft SQL Server 2005 SP2 on Windows 2000 and requires a user to open the exploit page in Internet Explorer.