Unrated severityNVD Advisory· Published May 16, 2002· Updated Jun 16, 2026

CVE-2002-0154

Description

Buffer overflows in extended stored procedures for Microsoft SQL Server 7.0 and 2000 allow remote attackers to cause a denial of service or execute arbitrary code via a database query with certain long arguments.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Microsoft/SQL Server8 versions
cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:2000:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:2000:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:7.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:7.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:7.0:sp3:*:*:*:*:*:*
- (no CPE)range: 7.0, 2000

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

www.cert.org/advisories/CA-2002-22.htmlnvdUS Government Resource
www.kb.cert.org/vuls/id/627275nvdUS Government Resource
marc.infonvd
www.securityfocus.com/archive/1/261775nvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-020nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A121nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.020
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000