← Back

CVE-2003-0496

nvd nist
Published: Aug 18, 2003Modified: Apr 16, 2026

JSON object

Loading...
7.2
Vector
AV:L/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 3.9 / Impact: 10.0
Source: NVD

Description

Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.

Affected (8)

Microsoft
2 products
Windows 2000
Windows 2000 Terminal Services
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Microsoft
Windows 2000
All versions
Windows 2000
All versions
Windows 2000
All versions
Windows 2000
All versions
Microsoft
Windows 2000 Terminal Services
All versions
Windows 2000 Terminal Services
All versions
Windows 2000 Terminal Services
All versions
Windows 2000 Terminal Services
All versions

References (8)

Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
ExploitPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatchVendor Advisory

Timeline

No history available yet.