CVE-2007-4814 – Microsoft SQL Server - Distributed Management Objects 'sqldmo.dll' Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2007-4814

Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method. Desbordamiento de búfer en el control ActiveX SQLServer de la DLL Distributed Management Objects OLE (sqldmo.dll) 2000.085.2004.00 en Microsoft SQL Server Enterprise MAnager 8.05.2004 permite a atacantes remotos ejecutar código de su elección mediante un segundo argumento largo para el método Start. • https://www.exploit-db.com/exploits/4379 https://www.exploit-db.com/exploits/4398 http://retrogod.altervista.org/microsoft_sqldmo.html http://securityreason.com/securityalert/3112 http://www.osvdb.org/38399 http://www.securityfocus.com/archive/1/478822/100/0/threaded http://www.securityfocus.com/bid/25594 https://exchange.xforce.ibmcloud.com/vulnerabilities/36509 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •