Unrated severityNVD Advisory· Published Jul 8, 2008· Updated Jun 16, 2026
CVE-2008-0086
CVE-2008-0086
Description
Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- cpe:2.3:a:microsoft:data_engine:1.0:sp4:*:*:*:*:*:*
cpe:2.3:a:microsoft:sql_server:2000:sp4:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:sql_server:2000:sp4:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server:7.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server_desktop_engine:2000:sp4:*:*:*:*:*:*
- cpe:2.3:a:microsoft:sql_server_express_edition:2005:sp2:*:*:*:*:*:*
- Range: SP4
Patches
Vulnerability mechanics
References
10- www.us-cert.gov/cas/techalerts/TA08-190A.htmlnvdUS Government Resource
- secunia.com/advisories/30970nvd
- www.securityfocus.com/archive/1/494082/100/0/threadednvd
- www.securityfocus.com/archive/1/516397/100/0/threadednvd
- www.securitytracker.com/idnvd
- www.vmware.com/security/advisories/VMSA-2011-0003.htmlnvd
- www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.htmlnvd
- www.vupen.com/english/advisories/2008/2022/referencesnvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-040nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14052nvd
News mentions
0No linked articles in our index yet.