Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2002-0186

EPSS 73.41% · P99
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2002-0186

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer in SQLXML ISAPI Extension."
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Microsoft SQLXML ISAPI远程缓冲区溢出漏洞(MS02-030)
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SQLXML ISAPI可以使IIS服务器能够从SQL服务器接受或向其输出XML数据,从而以XML的格式返回查询请求。 SQLXML ISAPI实现上存在缓冲区溢出漏洞,远程攻击者可能通过溢出攻击在主机上以SYSTEM权限执行任意指令。 当使用SQLXML的"sql="语法进行SQL查询的时候,用户可以指定某些参数来影响返回的XML输出,其中的一个参数为content-type。如果提交一个超长的content-type值给IIS,服务器程序可能会崩溃,精心构造成提交的数据可能导致远程攻击者在主机上以SY
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2002-0186

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2002-0186

登录查看更多情报信息。

Same Patch Batch · n/a · 2003-04-02 · 350 CVEs total

CVE-2002-0719Microsoft Content Management Server 2001 SQL注入漏洞(MS02-041)
CVE-2002-0741PsyBNC超长密码导致拒绝服务漏洞
CVE-2002-0738MHonArc HTML脚本过滤可绕过漏洞
CVE-2002-0737Sambar WEB服务程序服务端文件解析可绕过漏洞
CVE-2002-0736Microsoft BackOffice授权问题漏洞
CVE-2002-0734B2 B2config.php远程命令执行漏洞
CVE-2002-0733ACME Labs thttpd跨站脚本执行漏洞
CVE-2002-0727Microsoft OWC可导致Active脚本执行漏洞
CVE-2002-0726Microsoft TSAC ActiveX远程缓冲区溢出漏洞(MS02-046)
CVE-2002-0722Microsoft Internet Explorer 安全漏洞
CVE-2002-0720Microsoft Windows 2000网络连接管理器权限提升漏洞(MS02-042)
CVE-2002-0704Linux NetFilter NAT信息泄露漏洞
CVE-2002-0697Microsoft Metadirectory服务远程LDAP客户端管理员访问漏洞(MS02-036)
CVE-2002-0698Microsoft Exchange Server 缓冲区错误漏洞
CVE-2002-0700Microsoft Content Management Server 2001用户认证缓冲区溢出漏洞(MS02-041)
CVE-2002-0701多个供应商进BSD KTrace SUID/SGID进程追踪漏洞
CVE-2002-0703Gisle Aas Digest-MD5 UTF-8摘要计算存在漏洞
CVE-2002-0714Squid FTP代理数据通道漏洞
CVE-2002-0718Microsoft Content Management Server 2001文件上传漏洞(MS02-041)
CVE-2002-0716OpenServer定时服务格式字符串漏洞

Showing top 20 of 350 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2002-0186

No comments yet

Leave a comment