Description

Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.

Remediation

References

CVE-2002-0721

Related Vulnerabilities

WordPress Plugin Print-O-Matic Cross-Site Scripting (2.0.2)

Magento CVE-2020-9585 Vulnerability (CVE-2020-9585)

Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2018-17189)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5269)

ownCloud Other Vulnerability (CVE-2014-2056)

Severity

Critical

Classification

CVE-2002-0721

Tags

Missing Update Known Vulnerabilities