What is CVE-2008-5416?

CVE-2008-5416 is a vulnerability in N/a. Published 2008-12-10.

Is CVE-2008-5416 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2008-5416

Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server…

EPSS: 0.879 (99.5th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

www.sec-consult.com/files/20081209_mssql-2000-sp_replwritetovarbin_memwrite.txt (x_refsource_MISC)
ADV-2008-3380 (vdb-entry, x_refsource_VUPEN)
33034 (x_refsource_SECUNIA, third-party-advisory)
50917 (x_refsource_OSVDB, vdb-entry)
1021363 (vdb-entry, x_refsource_SECTRACK)
7501 (exploit, x_refsource_EXPLOIT-DB)
1021490 (vdb-entry, x_refsource_SECTRACK)
mssql-spreplwritetovarbin-bo(47182) (vdb-entry, x_refsource_XF)
VU#696644 (x_refsource_CERT-VN, third-party-advisory)
20081209 SEC Consult SA-20081109-0 :: Microsoft SQL Server 2000 sp_replwritetovarbin limited memory overwrite vulnerability (mailing-list, x_refsource_BUGTRAQ)

Frequently asked questions

What is CVE-2008-5416?: CVE-2008-5416 is a vulnerability in N/a. Published 2008-12-10.
Is CVE-2008-5416 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.