CVE-2002-0695

3 documents3 sources

Severity

7.5HIGH

EPSS

13.3%

top 5.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Data Access Components Microsoft Microsoft Data Access Components

Timeline

PublishedAug 12

Latest updateApr 30

Description

Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDmicrosoft/data_access_components8 versions+7

▶NVDmicrosoft/microsoft_data_access_components2.12.4292.3_ga_clean

🔴Vulnerability Details

GHSA

GHSA-gj9p-2pjp-8vjq: Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2↗2022-04-30

▶

CVEList

CVE-2002-0695: Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2↗2003-04-02

▶