Description

Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.

Remediation

References

CVE-2002-0721

Related Vulnerabilities

WordPress Plugin Gutenberg Blocks by WordPress Download Manager Cross-Site Scripting (2.1.8)

Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11585)

Mailman Other Vulnerability (CVE-2005-4153)

Oracle JRE CVE-2013-0437 Vulnerability (CVE-2013-0437)

Drupal Core 7.x Multiple Security Bypass Vulnerabilities (7.0 - 7.25)

Severity

Critical

Classification

CVE-2002-0721

Tags

Missing Update Known Vulnerabilities