Description

Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.

Remediation

References

CVE-2001-0542

Related Vulnerabilities

Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3221)

WordPress Plugin WP Gravity Forms Insightly Cross-Site Scripting (1.0.6)

Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-11466)

PHP Incorrect Calculation of Buffer Size Vulnerability (CVE-2008-0599)

WordPress Plugin WP Inimat Cross-Site Scripting (1.0)

Severity

High

Classification

CVE-2001-0542

Tags

Missing Update Known Vulnerabilities