CVE-2001-0542

CVE Database · CVE-2001-0542

CVE-2001-0542

· N/AModified

CVSS v3.1

N/A

EPSS

13.62%

Published

Dec 20, 2001

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.

Affected Products (2)

microsoft · sql_servervulnerable

References (14)

http://marc.info/?l=bugtraq&m=100891252317406&w=2

http://www.atstake.com/research/advisories/2001/a122001-1.txt

PatchVendor Advisory

http://www.kb.cert.org/vuls/id/700575

US Government Resource

http://www.securityfocus.com/bid/3733

PatchVendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-060

https://exchange.xforce.ibmcloud.com/vulnerabilities/7724

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A83

http://marc.info/?l=bugtraq&m=100891252317406&w=2

KEV Catalog EPSS Scores Vendors All CVEs