CVE-2008-0106
https://notcve.org/view.php?id=CVE-2008-0106
Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement.
References:
• http://secunia.com/advisories/30970
• http://www.securityfocus.com/archive/1/494082/100/0/threaded
• http://www.securityfocus.com/archive/1/516397/100/0/threaded
• http://www.securitytracker.com/id?1020441
• http://www.us-cert.gov/cas/techalerts/TA08-190A.html
• http://www.vmware.com/security/advisories/VMSA-2011-0003.html
• http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
• http://www.vupen.com/english/advisories/2008/2022/references
• https://docs.microsoft.com
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-0107
https://notcve.org/view.php?id=CVE-2008-0107
Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability."
References:
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=723
• http://secunia.com/advisories/30970
• http://www.insomniasec.com/advisories/ISVA-080709.1.htm
• http://www.securityfocus.com/archive/1/494082/100/0/threaded
• http://www.securityfocus.com/archive/1/516397/100/0/threaded
• http://www.securityfocus.com/bid/30119
• http://www.securitytracker.com/id?1020441
• http://www.us-cert.gov/cas/techalerts/TA08-190A.html
• http://www.vmware.com/security/advisories/VMSA-2011-0003.html
CWE-189: Numeric Errors
CVE-2007-5090
https://notcve.org/view.php?id=CVE-2007-5090
Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors.
References:
• http://osvdb.org/40598
• http://secunia.com/advisories/26899
• http://www-1.ibm.com/support/docview.wss?uid=swg21268116
• http://www.securityfocus.com/bid/25810
• http://www.securitytracker.com/id?1018735
• http://www.vupen.com/english/advisories/2007/3264
• https://exchange.xforce.ibmcloud.com/vulnerabilities/36771
CWE-264: Permissions, Privileges, and Access Controls
CVE-2007-4814 – Microsoft SQL Server - Distributed Management Objects 'sqldmo.dll' Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2007-4814
Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.
References:
• https://www.exploit-db.com/exploits/4379
• https://www.exploit-db.com/exploits/4398
• http://retrogod.altervista.org/microsoft_sqldmo.html
• http://securityreason.com/securityalert/3112
• http://www.osvdb.org/38399
• http://www.securityfocus.com/archive/1/478822/100/0/threaded
• http://www.securityfocus.com/bid/25594
• https://exchange.xforce.ibmcloud.com/vulnerabilities/36509
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2004-1560 – MSSQL 7.0 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2004-1560
Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long request to TCP port 1433, possibly triggering a buffer overflow.
References:
• https://www.exploit-db.com/exploits/562
• http://marc.info/?l=bugtraq&m=109650760210411&w=2
• http://packetstormsecurity.nl/0410-exploits/mssql.7.0.dos.c
• http://secunia.com/advisories/12680
• http://securitytracker.com/id?1011434
• http://www.securityfocus.com/bid/11265
• https://exchange.xforce.ibmcloud.com/vulnerabilities/17542