Description

Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.

Remediation

References

CVE-2001-0542

Related Vulnerabilities

Joomla Missing Authorization Vulnerability (CVE-2021-23123)

WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Multiple Vulnerabilities (2.9.9)

Apache HTTP Server Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9517)

Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-34265)

Oracle Database Server CVE-2014-6542 Vulnerability (CVE-2014-6542)

Severity

High

Classification

CVE-2001-0542

Tags

Missing Update Known Vulnerabilities