Lucene search
K
MicrosoftMsde

4 matches found

CVE
CVE
added 2002/08/10 4:0 a.m.134 views

CVE-2000-1209

The CVE-2000-1209 issue affects Microsoft SQL Server 2000, SQL Server 7.0, and Data Engine (MSDE) 1.0 where the sa account is installed with a default null password. This enables remote attackers to gain privileges and was exploited by worms such as Voyager Alpha Force and Spida, with third-party...

10CVSS7.3AI score0.87307EPSS
Web
CVE
CVE
added 2003/04/02 5:0 a.m.87 views

CVE-2002-0642

CVE-2002-0642 corresponds to an elevation-of-privilege issue in Microsoft SQL Server 2000 and MSDE 2000 caused by insecure permissions on the registry key that stores the SQL Server service account. The OpenVAS/SECURITYVULNS entries corroborate a privilege-escalation risk tied to the SQL Server s...

7.2CVSS6.5AI score0.49698EPSS
CVE
CVE
added 2002/07/12 4:0 a.m.60 views

CVE-2002-0624

CVE-2002-0624 describes a buffer overflow in the pwdencrypt() password-encryption function in Microsoft SQL Server 2000 (including MSDE 2000) that can allow remote attackers to execute arbitrary code with the SQL Server service account when authenticating via SQL Server Authentication. Public sou...

7.5CVSS8.5AI score0.22845EPSS
CVE
CVE
added 2002/07/12 4:0 a.m.57 views

CVE-2002-0641

The CVE-2002-0641 issue affects Microsoft SQL Server 2000 and MSDE 2000, where a buffer overflow in the BULK INSERT procedure can be triggered by a file name that is too long. Exploitation requires Bulk Admin or Administrator privileges and can allow execution of arbitrary code with system/high p...

7.5CVSS8AI score0.11237EPSS