CVE

Id
5031  
CVE No.
CVE-2002-0641  
Status
Candidate  
Description
Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query.  
Phase
Modified (20061101)  
Votes
ACCEPT(5) Armstrong, Baker, Cole, Foat, Wall | MODIFY(1) Frech | NOOP(2) Christey, Cox  
Comments
Christey> XF:mssql-bulk-insert-bo(9522) | URL:http://www.iss.net/security_center/static/9522.php | BID:4847 | URL:http://www.securityfocus.com/bid/4847 | Frech> XF:mssql-bulk-insert-bo(9522)  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
26098 5031 CVE-2002-0641 BUGTRAQ:20020711 Microsoft SQL Server 2000 "BULK INSERT" Buffer Overflow (#NISR11072002)  View
26099 5031 CVE-2002-0641 URL:http://marc.info/?l=bugtraq&m=102639885223746&w=2  View
26100 5031 CVE-2002-0641 MISC:http://www.ngssoftware.com/advisories/ms-sqlbi.txt  View
26101 5031 CVE-2002-0641 CERT-VN:VU#682620  View
26102 5031 CVE-2002-0641 URL:http://www.kb.cert.org/vuls/id/682620  View
26103 5031 CVE-2002-0641 BID:4847  View
26104 5031 CVE-2002-0641 URL:http://www.securityfocus.com/bid/4847  View
26105 5031 CVE-2002-0641 MS:MS02-034  View
26106 5031 CVE-2002-0641 URL:http://www.microsoft.com/technet/security/bulletin/ms02-034.asp  View
26107 5031 CVE-2002-0641 OVAL:oval:org.mitre.oval:def:316  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63826 JVNDB-2002-000153 Microsoft SQL Server の Bulk Insert におけるバッファオーバーフローの脆弱性 Microsoft SQL Server には、BULK INSERT を使用してデータのコピーを行う際に、データ長のチェックが不適切であるため、バッファオーバーフローが発生する脆弱性が存在します。 CVE-2002-0641 5031 7.5 http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000153.html  View