Back to search
CVE-2001-0542
Published: Feb 18, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
mssql-text-message-bo(7724)
vdb-entry
x_refsource_XF
20011221 @stake advisory: Multiple overflow and format string vulnerabilities in in Microsoft SQL Server
mailing-list
x_refsource_BUGTRAQ
3733
vdb-entry
x_refsource_BID
VU#700575
third-party-advisory
x_refsource_CERT-VN
MS01-060
vendor-advisory
x_refsource_MS
oval:org.mitre.oval:def:83
vdb-entry
signature
x_refsource_OVAL
A122001-1
vendor-advisory
x_refsource_ATSTAKE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now