CVE-2008-0107
Published Jul 8, 2008
Last updated 6 years ago
Overview
- Description
- Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9
- Impact score
- 10
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-189
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:data_engine:1.0:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "12788D78-4334-4A8A-9841-3DD894FDED50"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:7.0:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54EB3111-B93A-4577-9592-0D13FE7FD2C4"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2000:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7A5116E-BD37-4539-B815-F1B70EC4D45D"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2000:sp4:itanium:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F78E205-376E-42AF-A7BF-53A2FA971005"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "412A3365-9AB3-4EA5-85B6-63F3D76325C5"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp1:express:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96106DF3-05B0-4ABE-B34D-8A4748F89D9F"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp1:itanium:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD176461-5B49-497B-B7BE-79C91CCF5FF0"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp1:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DCC460F8-8006-4463-ADD6-C32DEAF28216"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "26423C70-4475-4D7E-8CC0-D8CFADE16B26"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:express:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4003E7DB-CC5F-4775-9374-B9E8B81970C5"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7EF6C51-17EA-43E4-84BA-08CE705C2D55"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7ADB520B-B847-4855-95B1-6CEA36D66C07"
},
{
"criteria": "cpe:2.3:a:microsoft:sql_server_desktop_engine:2000:sp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7910EDCF-376B-462A-996D-782C27E7322A"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:wmsde:2000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9587D8FD-01AC-4DE5-8B1D-5EE9B7BC5E76"
},
{
"criteria": "cpe:2.3:a:microsoft:wyukon:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4037FF7-C7C3-4ABF-BB86-E5517A52EFE5"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:wmsde:2000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9587D8FD-01AC-4DE5-8B1D-5EE9B7BC5E76"
},
{
"criteria": "cpe:2.3:a:microsoft:wyukon:*:sp2:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BEE38BD-C7FC-4529-B074-67280DC3F455"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "31A64C69-D182-4BEC-BA8A-7B405F5B2FC0"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "4D3B5E4F-56A6-4696-BBB4-19DF3613D020"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:wyukon:*:sp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C4037FF7-C7C3-4ABF-BB86-E5517A52EFE5"
},
{
"criteria": "cpe:2.3:a:microsoft:wyukon:*:sp2:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0BEE38BD-C7FC-4529-B074-67280DC3F455"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9CFB1A97-8042-4497-A45D-C014B5E240AB"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F9C7616-658D-409D-8B53-AC00DC55602A"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]