Oval Definition:	oval:org.mitre.oval:def:316
Revision Date: 2014-06-23 Version: 3 Title: MS SQL Server Bulk Insert Procedure Buffer Overflow Description: Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2002-0641 Platform(s): Microsoft Windows 2000 Product(s): Microsoft SQL Server 2000 Microsoft SQL Server 2000 Desktop Engine (WMSDE) Definition Synopsis SQL Server 2000 is installed AND the version of sqlservr.exe is less than 2000.80.650.0 AND the version of odsole70.dll is less than 2000.80.606.0 AND the version of xpqueue.dll is less than 2000.80.606.0 AND the version of xprepl.dll is less than 2000.80.606.0 AND the version of xplog70.dll is less than 2000.80.606.0 AND the version of xpweb70.dll is less than 2000.80.606.0 AND the version of xpstar.dll is less than 2000.80.628.0 AND the version of impprov.dll is less than 2000.80.650.0
BACK