Microsoft SQL Server Distributed Management Objects buffer overflow

Added: 10/11/2007
CVE: CVE-2007-4814
BID: 25594
OSVDB: 38399


Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll ActiveX control.


A buffer overflow vulnerability in the sqldmo.dll ActiveX control allows command execution when a user opens a web page that calls the Start method with a long, specially crafted argument.


Set the kill bit for Class ID 10020200-E260-11CF-AE68-00AA004A34D5 as described in Microsoft Knowledge Base Article 240797.
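
One way to audit and apply this mitigation, shown as an added example that is not part of the original advisory. It assumes the kill-bit location documented in Knowledge Base Article 240797 (the 0x400 bit of the Compatibility Flags value under the ActiveX Compatibility key) and an elevated PowerShell session on the host; the function names and the -Apply switch are hypothetical.

```powershell
# Added example: audit (default) or set (-Apply) the Internet Explorer kill bit
# for the sqldmo.dll control. Function names and -Apply are hypothetical.
param([switch]$Apply)

$Clsid   = '{10020200-E260-11CF-AE68-00AA004A34D5}'  # Class ID from the advisory
$KillBit = 0x400                                     # kill-bit flag per KB 240797
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    # 32-bit Internet Explorer view on 64-bit Windows
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Get-CompatFlags([string]$Key) {
    # Returns the current flags, or 0 when the key or the value is absent.
    $p = Get-ItemProperty -Path $Key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $p) { return 0 }
    return [int]$p.'Compatibility Flags'
}

function Test-KillBit([string]$Key) {
    return ((Get-CompatFlags $Key) -band $KillBit) -eq $KillBit
}

function Set-KillBit([string]$Key) {
    if (-not (Test-Path -Path $Key)) { New-Item -Path $Key -Force | Out-Null }
    # OR the bit in so any other compatibility flags already set are preserved.
    $flags = (Get-CompatFlags $Key) -bor $KillBit
    New-ItemProperty -Path $Key -Name 'Compatibility Flags' -Value $flags `
        -PropertyType DWord -Force | Out-Null
}

foreach ($root in $Roots) {
    # Skip the WOW6432Node view on 32-bit systems, where it does not exist.
    if (-not (Test-Path -Path (Split-Path $root -Parent))) { continue }
    $key = Join-Path $root $Clsid
    if (Test-KillBit $key) {
        Write-Output "OK       kill bit set:     $key"
    } elseif ($Apply) {
        Set-KillBit $key
        Write-Output "FIXED    kill bit applied: $key"
    } else {
        Write-Output "MISSING  kill bit not set: $key"
    }
}
```

Run without arguments to report the current state on each registry view, and with -Apply to set the bit where it is missing.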



The exploit works on Microsoft SQL Server 2005 SP2 on Windows 2000 and requires a user to open the exploit page in Internet Explorer.


Windows 2000
