oval:org.mitre.oval:def:83

Definition Id: oval:org.mitre.oval:def:83

Oval ID:	oval:org.mitre.oval:def:83
Title:	Microsoft SQL Server 3-Function Buffer Overflow
Description:	Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf. NOTE: the C runtime format string vulnerability reported in MS01-060 is identified by CVE-2001-0879.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2001-0542	Version:	4
Platform(s):	Microsoft Windows 2000	Product(s):	Microsoft SQL Server
Definition Synopsis:
SQL Server 2000 is installed AND File sqlservr.exe version3 less than 2000.80.428.0