CVE-2008-5416

NONECVSS 0.0

0.0

Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 and SP2; and Windows Internal Database (WYukon) SP2 allows remote authenticated users to cause a denial of service (access violation exception) or execute arbitrary code by calling the sp_replwritetovarbin extended stored procedure with a set of invalid parameters that trigger memory overwrite, aka "SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability."

🔗 References (44)

cve@mitrehttp://archives.neohapsis.com/archives/fulldisclosure/2008-12/0304.html
cve@mitrehttp://osvdb.org/50917
cve@mitrehttp://secunia.com/advisories/33034
cve@mitrehttp://securityreason.com/securityalert/4706
cve@mitrehttp://securitytracker.com/id?1021363
cve@mitrehttp://securitytracker.com/id?1021490
cve@mitrehttp://support.avaya.com/elmodocs2/security/ASA-2009-055.htm
cve@mitrehttp://www.kb.cert.org/vuls/id/696644
cve@mitrehttp://www.microsoft.com/technet/security/advisory/961040.mspx
cve@mitrehttp://www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt
cve@mitrehttp://www.securityfocus.com/archive/1/499042/100/0/threaded
cve@mitrehttp://www.securityfocus.com/archive/1/499085/100/0/threaded
cve@mitrehttp://www.securityfocus.com/archive/1/516397/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/32710
cve@mitrehttp://www.us-cert.gov/cas/techalerts/TA09-041A.html

Is Your Infrastructure Affected by CVE-2008-5416?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-5416

📅 Published

🔄 Last Modified

🔗 References (44)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-5416?