Oval Definition:	oval:org.mitre.oval:def:14052
Revision Date: 2011-12-26 Version: 5 Title: Convert Buffer Overrun Vulnerability in SQL Server Description: Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2008-0086 Platform(s): Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Product(s): Microsoft SQL Server 2000 Microsoft SQL Server 2000 Desktop Engine (WMSDE) Definition Synopsis SQL Server 2000 SP4 - GDR SQL Server 2000 is installed AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2050.0 OR SQL Server 2000 SP4- QFE SQL Server 2000 is installed AND SQL Server 2000 GDR - the version of sqlservr.exe is greater than 2000.80.2000.0 AND Check if version of Sqlservr.exe is less than 2000.80.2273.0
BACK