Unrated severityNVD Advisory· Published Jul 23, 2002· Updated Apr 16, 2026

CVE-2002-0624

Description

Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure."

Affected products

Microsoft/Msde
cpe:2.3:a:microsoft:msde:2000:*:*:*:*:*:*:*
Microsoft/SQL Server
cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cert.org/advisories/CA-2002-22.htmlnvdUS Government Resource
docs.microsoft.com/en-us/security-updates/securitybulletins/2002/ms02-034nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A291nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000