CVE-2001-0542 Information

Description

Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror (2) formatmessage or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.

Reference

http://marc.info/?l=bugtraq&m=100891252317406&w=2 http://www.atstake.com/research/advisories/2001/a122001-1.txt http://www.kb.cert.org/vuls/id/700575 http://www.securityfocus.com/bid/3733 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-060 https://exchange.xforce.ibmcloud.com/vulnerabilities/7724 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A83