What is the severity of CVE-2002-0695?

CVE-2002-0695 is considered a critical vulnerability that allows remote attackers to execute arbitrary code.

How do I fix CVE-2002-0695?

To fix CVE-2002-0695, it is recommended to upgrade to the latest version of Microsoft Data Access Components that has addressed this vulnerability.

Which versions of Microsoft Data Access Components are affected by CVE-2002-0695?

CVE-2002-0695 affects versions 2.0 through 2.7 of Microsoft Data Access Components.

Is there a workaround for CVE-2002-0695?

A workaround for CVE-2002-0695 is to restrict the usage of OpenRowSet queries in applications that rely on Microsoft Data Access Components.

What types of attacks are possible due to CVE-2002-0695?

CVE-2002-0695 can lead to remote code execution, allowing attackers to potentially take full control of the affected systems.

Vulnerability/
CVE-2002-0695

high

7.5

CWE

NVD-CWE-Other 119

12/8/2002

2/4/2003

8/8/2024

CVE-2002-0695: Buffer Overflow

First published: Mon Aug 12 2002(Updated: )

Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft Data Access Components	=1.5
Microsoft Data Access Components	=2.0
Microsoft Data Access Components	=2.1
Microsoft Data Access Components	=2.1.1.3711.11-ga
Microsoft Data Access Components	=2.5
Microsoft Data Access Components	=2.5-gold
Microsoft Data Access Components	=2.5-sp1
Microsoft Data Access Components	=2.5-sp2
Microsoft Data Access Components	=2.6
Microsoft Data Access Components	=2.6-gold
Microsoft Data Access Components	=2.6-sp1
Microsoft Data Access Components	=2.6-sp2
Microsoft Data Access Components	=2.7
Microsoft Data Access Components	=2.7-gold
Microsoft Data Access Components	=2.12.4202.3
Microsoft Data Access Components	=2.12.4292.3_ga_clean

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2002-0695?
CVE-2002-0695 is considered a critical vulnerability that allows remote attackers to execute arbitrary code.
How do I fix CVE-2002-0695?
To fix CVE-2002-0695, it is recommended to upgrade to the latest version of Microsoft Data Access Components that has addressed this vulnerability.
Which versions of Microsoft Data Access Components are affected by CVE-2002-0695?
CVE-2002-0695 affects versions 2.0 through 2.7 of Microsoft Data Access Components.
Is there a workaround for CVE-2002-0695?
A workaround for CVE-2002-0695 is to restrict the usage of OpenRowSet queries in applications that rely on Microsoft Data Access Components.
What types of attacks are possible due to CVE-2002-0695?
CVE-2002-0695 can lead to remote code execution, allowing attackers to potentially take full control of the affected systems.

agent/references
agent/type
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/weakness
agent/description
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/microsoft
canonical/microsoft data access components
version/microsoft data access components/1.5
version/microsoft data access components/2.0
version/microsoft data access components/2.1
version/microsoft data access components/2.1.1.3711.11-ga
version/microsoft data access components/2.5
version/microsoft data access components/2.5-gold
version/microsoft data access components/2.5-sp1
version/microsoft data access components/2.5-sp2
version/microsoft data access components/2.6
version/microsoft data access components/2.6-gold
version/microsoft data access components/2.6-sp1
version/microsoft data access components/2.6-sp2
version/microsoft data access components/2.7
version/microsoft data access components/2.7-gold
version/microsoft data access components/2.12.4202.3
version/microsoft data access components/2.12.4292.3_ga_clean