CVE

Id
4579  
CVE No.
CVE-2002-0187  
Status
Entry  
Description
Cross-site scripting vulnerability in the SQLXML component of Microsoft SQL Server 2000 allows an attacker to execute arbitrary script via the root parameter as part of an XML SQL query, aka "Script Injection via XML Tag."  
Phase
 
Votes
 
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
22881 4579 CVE-2002-0187 BUGTRAQ:20020613 wp-02-0007: Microsoft SQLXML ISAPI Overflow and Cross Site Scripting  View
22882 4579 CVE-2002-0187 URL:http://marc.info/?l=bugtraq&m=102397345410856&w=2  View
22883 4579 CVE-2002-0187 VULNWATCH:20020613 [VulnWatch] wp-02-0007: Microsoft SQLXML ISAPI Overflow and Cross Site Scripting  View
22884 4579 CVE-2002-0187 URL:http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0100.html  View
22885 4579 CVE-2002-0187 MS:MS02-030  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63803 JVNDB-2002-000130 Microsoft SQLXML における任意のスクリプトを実行される脆弱性 Microsoft SQLXMLには、XML SQL クエリに含まれる Root パラメータに対するチェックが不適切であるため、XML タグを介してユーザのホスト上で任意のスクリプトが実行されてしまう脆弱性が存在します。 CVE-2002-0187 4579 7.5 http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000130.html  View