CVE-2007-4814

Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method.

Published: Sep 11, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-4814
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
microsoft / sql_server	2005-sp2	2005-sp2.x

http://retrogod.altervista.org/microsoft_sqldmo.html
http://securityreason.com/securityalert/3112
http://www.osvdb.org/38399
http://www.securityfocus.com/archive/1/478822/100/0/threaded
http://www.securityfocus.com/bid/25594
https://exchange.xforce.ibmcloud.com/vulnerabilities/36509
https://www.exploit-db.com/exploits/4379
https://www.exploit-db.com/exploits/4398

Vulnerability Database

289,599

CVE-2007-4814