Article ID: 319507 - View products that this article applies to.
This article was previously published under Q319507
Structured Query Language (SQL) in SQL Server 7.0 and SQL Server 2000 has a number of extended procedure calls that are used for various helper functions. An unchecked buffer exists in several of these extended procedure calls. A buffer overrun can occur as a result and can be used to either cause the SQL Server service to fail, or to cause code to run in the security context of the SQL Server.
SQL Server 2000To resolve this problem, obtain the latest service pack for Microsoft SQL Server 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/290211/EN-US/ )INF: How To Obtain the Latest SQL Server 2000 Service Pack
SQL Server 7.0The update for this problem is included in the April 17, 2002 SQL Server 7.0 cumulative security patch. For additional information about how to obtain this patch, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/318268/EN-US/ )INF: SQL Server 7.0 Security Update for Service Pack 3
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.
SQL Server 2000Microsoft has confirmed that this problem may cause a degree of security vulnerability in Microsoft SQL Server 2000.
This problem was first corrected in Microsoft SQL Server 2000 Service Pack 3.
SQL Server 7.0Microsoft has confirmed that this problem may cause a degree of security vulnerability in Microsoft SQL Server 7.0.
The update for this problem is included in the April 17, 2002 SQL Server 7.0 cumulative security patch.
For more information about this vulnerability, visit the following Microsoft Web site: