Description

Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.

Remediation

References

CVE-2001-0542

Related Vulnerabilities

Moodle Other Vulnerability (CVE-2012-2366)

Joomla Improper Input Validation Vulnerability (CVE-2006-1957)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2014-9035)

XWiki Incorrect Authorization Vulnerability (CVE-2022-23615)

WordPress Plugin Sticky Menu on Scroll, Sticky Header, Sticky Welcome Bar for Any Theme-myStickymenu Unspecified Vulnerability (2.1.4)

Severity

High

Classification

CVE-2001-0542

Tags

Missing Update Known Vulnerabilities