First published: Thu Dec 20 2001(Updated: )
Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft SQL Server | =7.0 | |
Microsoft SQL Server | =2000 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.