Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0859

4 documents4 sources
Severity
7.5HIGH
EPSS
39.2%
top 2.71%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Microsoft JETMicrosoft SQL Server
Timeline
PublishedSep 5
Latest updateApr 30

Description

Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

ā–¶NVDmicrosoft/jet4.0

šŸ”“Vulnerability Details

2
GHSA
GHSA-75vw-vxph-j655: Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary codeā†—2022-04-30
ā–¶
CVEList
CVE-2002-0859: Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary codeā†—2003-04-02
ā–¶

šŸ’„Exploits & PoCs

1
Exploit-DB
Microsoft SQL Server 2000 / Microsoft Jet 4.0 Engine - Unicode Buffer Overflow (PoC)ā†—2002-06-19
ā–¶
CVE-2002-0859 (HIGH CVSS 7.5) | Buffer overflow in the OpenDataSour | cvebase.io