This script is Copyright (C) 2003-2013 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host through Microsoft SQL
The remote host is running SQLXML. There are flaws in this application
that could allow a remote attacker to execute arbitrary code on this
See also :
Microsoft has released a set of patches for Office 2000 and XP.
Risk factor :
Medium / CVSS Base Score : 5.1
CVSS Temporal Score : 3.8
Public Exploit Available : false