Vulnerability Description
Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Protegrity | Secure.Data | 2.2.3.7 |
References
- http://marc.info/?l=bugtraq&m=104758650516677&w=2
- http://secunia.com/advisories/8294
- http://www.kb.cert.org/vuls/id/247545PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/7083Vendor Advisory
- http://www.securityfocus.com/bid/7084Vendor Advisory
- http://www.securityfocus.com/bid/7085Vendor Advisory
- http://marc.info/?l=bugtraq&m=104758650516677&w=2
- http://secunia.com/advisories/8294
- http://www.kb.cert.org/vuls/id/247545PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/7083Vendor Advisory
- http://www.securityfocus.com/bid/7084Vendor Advisory
- http://www.securityfocus.com/bid/7085Vendor Advisory
FAQ
What is CVE-2003-0030?
CVE-2003-0030 is a vulnerability with a CVSS score of 10.0 (HIGH). Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_...
How severe is CVE-2003-0030?
CVE-2003-0030 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0030?
Check the references section above for vendor advisories and patch information. Affected products include: Protegrity Secure.Data.