|
Integer underflow in Microsoft SQL Server 7.0 SP4, 2000 SP4, 2005 SP2, Microsoft Data Engine (MSDE) 1.0 SP4, SQL Server 2000 Desktop Engine (MSDE 2000) SP4, and 2005 Express Edition SP2 allows remote authenticated users to execute arbitrary code via an on-disk file with a crafted record size value, which triggers a buffer overflow, aka "SQL Server Memory Corruption Vulnerability."
Original Source: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0107
Learn more about CVE-2008-0107 (sql_server, data_engine, sql_server_desktop_engine, sql_server_express_edition) |
