Page 10 of 60 results (0.003 seconds)

CVSS: 7.5EPSS: 6%CPEs: 7EXPL: 0

Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments. Desbordamiento de buffer en procedimientos almacenados extendidos en Microsoft SQL Server 7.0 y 2000 permiten a atacantes remotos causar una denegación de servicio o ejecutar código arbitrario mediante una consulta a la base de datos con unos ciertos argumentos largos. • http://marc.info/?l=bugtraq&m=101535353331625&w=2 http://www.cert.org/advisories/CA-2002-22.html http://www.kb.cert.org/vuls/id/627275 http://www.securityfocus.com/archive/1/261775 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-020 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A121 •

CVSS: 5.0EPSS: 2%CPEs: 9EXPL: 0

XMLHTTP control in Microsoft XML Core Services 2.6 and later does not properly handle IE Security Zone settings, which allows remote attackers to read arbitrary files by specifying a local file as an XML Data Source. El control XMLHTTP en Microsoft XML Core Services 2.6 y versiones posteriores no manejan adecuadamente el establecimiento de valores de la Zona de Seguridad del IE, lo cual permite a atacantes remotos la lectura arbitraria de ficheros especificando un fichero local como una fuente de datos XML. • http://archives.neohapsis.com/archives/bugtraq/2001-12/0152.html http://marc.info/?l=bugtraq&m=101366383408821&w=2 http://www.osvdb.org/3032 http://www.securityfocus.com/bid/3699 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-008 https://exchange.xforce.ibmcloud.com/vulnerabilities/7712 •

CVSS: 7.5EPSS: 9%CPEs: 2EXPL: 0

Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection. Desbordamiento de búfer enSQL Server 7.0 y 2000 permite a atacantes remotos ejecutar código arbitrario mediante un nombre largo de proveedor OLE DB a: (1) OpenDataSource o(2) OpenRowset en una conexión ad hoc. • http://marc.info/?l=bugtraq&m=101422555428036&w=2 http://marc.info/?l=vuln-dev&m=101413924631329&w=2 http://www.kb.cert.org/vuls/id/619707 http://www.securityfocus.com/bid/4135 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-007 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A271 •

CVSS: 7.5EPSS: 17%CPEs: 2EXPL: 0

Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879. Desbordamiento de buffer en MS SQL Server 7.0 y 2000 permite a atacantes con acceso al servidor SQL ejecutar código arbitrario por medio de las funciones 1) raiserror, (2) formatmessage, o (3) xp_sprintf. • http://marc.info/?l=bugtraq&m=100891252317406&w=2 http://www.atstake.com/research/advisories/2001/a122001-1.txt http://www.kb.cert.org/vuls/id/700575 http://www.securityfocus.com/bid/3733 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-060 https://exchange.xforce.ibmcloud.com/vulnerabilities/7724 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A83 •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

Format string vulnerability in the C runtime functions in SQL Server 7.0 and 2000 allows attackers to cause a denial of service. Vulnerabilidad de cadena formateada en las funciones de ejecución C en SQL Server 7.0 y 2000 permite a atacantes remotos provocar una denegación de servicio. • http://marc.info/?l=bugtraq&m=100891252317406&w=2 http://www.atstake.com/research/advisories/2001/a122001-1.txt http://www.securityfocus.com/bid/3732 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-060 https://exchange.xforce.ibmcloud.com/vulnerabilities/7725 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A253 •