VYPR
Unrated severityNVD Advisory· Published Aug 12, 2002· Updated Jun 16, 2026

CVE-2002-0649

CVE-2002-0649

Description

Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04 byte that causes the SQL Monitor thread to generate a long registry key name, or (2) a 0x08 byte with a long string causes heap corruption, as exploited by the Slammer/Sapphire worm.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:microsoft:data_engine:2000:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:microsoft:sql_server:2000:*:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:sql_server:2000:sp1:*:*:*:*:*:*
    • cpe:2.3:a:microsoft:sql_server:2000:sp2:*:*:*:*:*:*
  • Microsoft/Msdellm-fuzzy
    Range: = 2000
  • Range: = 2000

Patches

Vulnerability mechanics

References

23

News mentions

0

No linked articles in our index yet.