CVE-2002-0624
Summary
| CVE | CVE-2002-0624 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2002-07-23 04:00:00 UTC |
| Updated | 2018-10-12 21:31:00 UTC |
| Description | Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure." |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Microsoft | Msde | 2000 | All | All | All |
| Application | Microsoft | Msde | 2000 | All | All | All |
| Application | Microsoft | Sql Server | 2000 | All | All | All |
| Application | Microsoft | Sql Server | 2000 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Repository / Oval Repository | OVAL | oval.cisecurity.org | |
| Microsoft Security Bulletin MS02-034 - Moderate | Microsoft Docs | MS | docs.microsoft.com | |
| CERT Advisory CA-2002-22 Multiple Vulnerabilities in Microsoft SQL Server | CERT | www.cert.org | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.