CVE-2003-0230

CVE Database · CVE-2003-0230

CVE-2003-0230

· N/AModified

CVSS v3.1

N/A

EPSS

2.26%

Published

Aug 27, 2003

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.

Weaknesses (CWE)

CWE-264

Affected Products (12)

microsoft · data_enginevulnerable

microsoft · sql_servervulnerable

References (6)

http://www.kb.cert.org/vuls/id/556356

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-031

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A235

http://www.kb.cert.org/vuls/id/556356

US Government Resource

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-031

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A235

KEV Catalog EPSS Scores Vendors All CVEs