Vulnerability Description
SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Data Engine | 2000 |
| Microsoft | Sql Server | 2000 |
References
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-03
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-03
FAQ
What is CVE-2002-0645?
CVE-2002-0645 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in stored procedures for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 may allow authenticated users to execute arbitrary commands.
How severe is CVE-2002-0645?
CVE-2002-0645 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-0645?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Data Engine, Microsoft Sql Server.