[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77986

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-0107

Date: (C)2008-07-08   (M)2017-10-04
 
CVSS Score: 9.0Access Vector: NETWORK
Exploitability Subscore: 8.0Access Complexity: LOW
Impact Subscore: 10.0Authentication: SINGLE_INSTANCE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability."

Reference:
SECTRACK-1020441
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=723
http://www.securityfocus.com/archive/1/archive/1/494082/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/516397/100/0/threaded
BID-30119
SECUNIA-30970
ADV-2008-2022
IAVM:2011-A-0066
MS08-040
TA08-190A
http://www.insomniasec.com/advisories/ISVA-080709.1.htm
http://www.vmware.com/security/advisories/VMSA-2011-0003.html
http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html

CPE    6
cpe:/a:microsoft:sql_server:2005:sp2
cpe:/a:microsoft:sql_server:2005:sp1
cpe:/a:microsoft:sql_server:2000:sp4
cpe:/o:microsoft:windows_server_2008:::x32
...
CWE    1
CWE-189
OVAL    2
oval:org.secpod.oval:def:3185
oval:org.mitre.oval:def:13936

© 2013 SecPod Technologies