Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2002-0721

Microsoft SQL Server 7.0 and 2000 installs with weak permissions for extended stored procedures that are associated with helper functions, which could allow unprivileged users, and possibly remote attackers, to run stored procedures with administrator privileges via (1) xp_execresultset, (2) xp_printstatements, or (3) xp_displayparamstmt.

  • Published: Sep 5, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-0721
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
microsoft / sql_server 7.0-sp1 7.0-sp1.x
microsoft / sql_server 2000-sp2 2000-sp2.x
microsoft / sql_server 7.0 7.0.x
microsoft / data_engine 1.0 1.0.x
microsoft / sql_server 2000 2000.x
microsoft / sql_server 2000-sp1 2000-sp1.x
microsoft / data_engine 2000 2000.x
microsoft / sql_server 7.0-sp3 7.0-sp3.x
microsoft / sql_server 7.0-sp4 7.0-sp4.x
microsoft / sql_server 7.0-sp2 7.0-sp2.x