New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 9.8
SynopsisArbitrary code can be executed on the remote host through Microsoft SQL Server.
DescriptionThe remote host is running a version of Microsoft SQL Server, Desktop Engine or Internal Database that suffers from an authenticated, remote code execution vulnerability in the extended stored procedure 'sp_replwritetovarbin' due to an invalid parameter check.
Successful exploitation could allow an attacker to take complete control of the affected system.
SolutionMicrosoft has released a set of patches for SQL Server 2000 and 2005.