Oval Definition:oval:org.mitre.oval:def:14052
Revision Date:2011-12-26Version:5
Title:Convert Buffer Overrun Vulnerability in SQL Server
Description:Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-0086
Platform(s):Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Product(s):Microsoft SQL Server 2000
Microsoft SQL Server 2000 Desktop Engine (WMSDE)
Definition Synopsis
  • SQL Server 2000 SP4 - GDR
  • SQL Server 2000 is installed
  • AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0
  • AND Check if version of Sqlservr.exe is less than 2000.80.2050.0
  • OR SQL Server 2000 SP4- QFE
  • SQL Server 2000 is installed
  • AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0
  • AND Check if version of Sqlservr.exe is less than 2000.80.2273.0
  • BACK