CVE-2002-0641

3 documents3 sources
Severity
7.5HIGH
EPSS
17.8%
top 4.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Microsoft MsdeMicrosoft SQL Server
Timeline
PublishedJul 23
Latest updateApr 30

Description

Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDmicrosoft/msde2000

🔴Vulnerability Details

2
GHSA
GHSA-f986-r74j-35r6: Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers wit2022-04-30
CVEList
CVE-2002-0641: Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers wit2002-07-12
CVE-2002-0641 (HIGH CVSS 7.5) | Buffer overflow in bulk insert proc | cvebase.io