CVE-2002-0624

CVE Database · CVE-2002-0624

CVE-2002-0624

· N/AModified

CVSS v3.1

N/A

EPSS

22.84%

Published

Jul 23, 2002

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBMicrosoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure."

Affected Products (2)

microsoft · msdevulnerable

microsoft · sql_servervulnerable

References (6)

http://www.cert.org/advisories/CA-2002-22.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A291

http://www.cert.org/advisories/CA-2002-22.html

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A291

KEV Catalog EPSS Scores Vendors All CVEs