 | |
| |||||||
| Home | Register | Projects | Blogs | FAQ | Calendar | Search | Today's Posts | Mark Forums Read | Free Directory | Free DNSReport | Tags |
| Notices |
| Advisories Discuss about all newly security flaws classed by CVE entries and reviewed by security experts |
CVE-2008-0107 (sql_server, data_engine, sql_server_desktop_engine, sql_server_expressThis is a discussion on "CVE-2008-0107 (sql_server, data_engine, sql_server_desktop_engine, sql_server_express" within the Advisories part of the Computer Security: Discussions section; Integer underflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 allows remote authenticated users to execute arbitrary ... |
 |
| | LinkBack | Thread Tools | Display Modes |
09-07-08
| |||
| |||
 CVE-2008-0107 (sql_server, data_engine, sql_server_desktop_engine, sql_server_express Integer underflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 allows remote authenticated users to execute arbitrary code via an on-disk file with a crafted record size value, which triggers a buffer overflow, aka "SQL Server Memory Corruption Vulnerability." More...  |
| Sponsor | ||
| ||
| |
|
« CVE-2008-0085 (sql_server, Data Engine, SQL Server Desktop Engine)
|
CVE-2008-2248 (exchange_srv) »
| Thread Tools | |
| Display Modes | |
Linear Mode
| |
