ie8 fix

Microsoft Security Bulletin MS02-043

Publisher's Description

From Microsoft:

This is a cumulative patch that includes the functionality of all previously released patches for SQL Server 7.0 and SQL Server 2000. In addition, it eliminates a newly discovered vulnerability.

SQL Server 7.0 and SQL Server 2000 provide for extended stored procedures, which are external routines written in programming languages such as C or C#. These procedures appear as normal stored procedures to users and can be invoked and executed just like normal stored procedures. By default, SQL Server 7.0 and SQL Server 2000 ship with a number of extended stored procedures which are used for various helper functions.

Some of the Microsoft-provided extended stored procedures that have the ability to reconnect to the database as the SQL Server service account have a flaw in common  namely, they have weak permissions that can allow non-privileged users to execute them. Because these extended stored procedures can be made to run with administrator privileges on the database, it is thus possible for a non-privileged user to run stored procedures on the database with administrator privileges.

An attacker could exploit this vulnerability in one of two ways. The attacker could attempt to load and execute a database query that calls one of the affected extended store procedures. Alternately, if a web-site or other database front-end were configured to access and process arbitrary queries, it could be possible for the attacker to provide inputs that would cause the query to call one of the functions in question with the appropriate malformed parameters.

Download the patch for SQL Server 7.0. Click on the Alternate Download link for 2000.

 
Make fast apps faster
Make quality apps that run faster: Intel® Parallel Studio XE for Windows*
Download Now

More Popular Database Software downloads

  1. Oracle Database 10g Express Edition

    3,037 downloads

  2. MySQL Database Server

    2,813 downloads

  3. PL/SQL Developer

    1,551 downloads

  4. Navicat Premium Essentials (Multiple Databases GUI)

    1,466 downloads

  5. Crystal Reports

    1,219 downloads

 
Try Windows Azure.
Build, host and scale applications in the cloud.
Download Now
All User Reviews

Add Your Review

or Log in or create an account to post a review.
You are logged in as . Please submit your review for Microsoft Security Bulletin MS02-043 Q316333
Add Your Review

The posting of advertisements, profanity, or personal attacks is prohibited.
Click here to review our site terms of use.

Submit your reply

Submit

The posting of advertisements, profanity, or personal attacks is prohibited.
Click here to review our site terms of use.

cancel

E-mail this review

Submit cancel

Report offensive content

If you believe this comment is offensive or violates the CNET's Site Terms of Use, you can report it below (this will not automatically remove the comment). Once reported, our staff will be notified and the comment will be reviewed.

Select type of offense:

Offensive: Sexually explicit or offensive language
Spam: Advertisements or commercial links
Disruptive posting: Flaming or offending other users
Illegal activities: Promote cracked software, or other illegal content
Submit cancel

See more CNET content tagged:

Microsoft SQL Server,
Microsoft SQL Server 2000,
Microsoft SQL Server 7.0,
attacker,
procedure

Error

close

ERROR MESSAGE

If you think this is an error, please contact CNET TechTracker Support for further assistance.

Ok

Running Request

close

loading

Smart Install Software

close

CNET TechTracker will now automatically install software without requiring further action by you. (Note: This feature automatically accepts associated EULAs and third party applications on your behalf.)

You have selected the following software to Smart Install:

CNET TechTracker will attempt to install this software without interrupting you again. If an application requires manual installation, CNET TechTracker will download the installer and prompt you to take further action.

Proceed with Smart Install?

Confirm Standard Install Cancel

Submit a problem report for Microsoft Security Bulletin MS02-043

close

Please describe the problem you have with this software. This information will be sent to our editors for review.

Problem:

The CNET Installer isn't working as expected

The download link does not work

The software has a newer version

The software contains malware

Other

Description:

Please select a feedback type.

Please enter a description.

Submit Problem Report

Problem Report submitted

close

Thank you for submitting a problem report! The Download team is committed to providing you with accurate software information.

OK