CVE-2002-0624

Published: Jul 23, 2002Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure."

Affected (2)

Products: Microsoft: Msde, Sql Server

2 products

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Msde	Version 2000
Microsoft Sql Server	Version 2000

References (6)

http://www.cert.org/advisories/CA-2002-22.html

Source: cve@mitre.org

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A291

Source: cve@mitre.org

http://www.cert.org/advisories/CA-2002-22.html

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A291

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.