CVE-2008-0107
N/A
N/A
Summary
Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerability."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securitytracker.com/id?1020441
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=723
- http://secunia.com/advisories/30970
- http://www.securityfocus.com/bid/30119
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13936
- http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
- http://www.insomniasec.com/advisories/ISVA-080709.1.htm
- http://www.vupen.com/english/advisories/2008/2022/references
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-040
- http://www.securityfocus.com/archive/1/494082/100/0/threaded
- http://www.vmware.com/security/advisories/VMSA-2011-0003.html
- http://www.us-cert.gov/cas/techalerts/TA08-190A.html
- http://www.securityfocus.com/archive/1/516397/100/0/threaded
References
- http://www.securitytracker.com/id?1020441
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=723
- http://secunia.com/advisories/30970
- http://www.securityfocus.com/bid/30119
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13936
- http://www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
- http://www.insomniasec.com/advisories/ISVA-080709.1.htm
- http://www.vupen.com/english/advisories/2008/2022/references
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-040
- http://www.securityfocus.com/archive/1/494082/100/0/threaded
- http://www.vmware.com/security/advisories/VMSA-2011-0003.html
- http://www.us-cert.gov/cas/techalerts/TA08-190A.html
- http://www.securityfocus.com/archive/1/516397/100/0/threaded
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.