Unchecked Buffer in SQLXML Could Lead to Code Execution
A security flaw in Microsoft SQLXML, which ships as part of SQL Server 2000, may allow a malicious remote user to gain elevated privileges or to run code of their choice on the Microsoft Internet Information Services (IIS) Server.
Issue
SQLXML enables the transfer of XML data to and from SQL Server 2000. Database queries can be returned in the form of XML documents which can then be stored or transferred easily. Using SQLXML, you can access SQL Server 2000 using XML through your browser over HTTP.
Two vulnerabilities exist in SQLXML:
- An unchecked buffer vulnerability in an ISAPI extension that could, in the worst case, allow an attacker to run code of their choice on the Microsoft Internet Information Services (IIS) Server.
- A vulnerability in a function specifying an XML tag that could allow an attacker to run script on the user’s computer with higher privilege. For example, a script might run in the Intranet Zone instead of the Internet Zone.
Affected Products
- Microsoft SQLXML, which ships as part of SQL Server 2000 and can be downloaded separately.
Download
Software patches are available from the following locations:
- Microsoft SQLXML version shipping with SQL 2000 Gold
- Microsoft SQLXML version 2
- Microsoft SQLXML version 3
Further Details
Source: Microsoft Corporation
Reference: Microsoft Corporation
Updated: June 12, 2002


