Buffer overflows, format string bugs, MSDE is installed in insecure configuration.
vulners.com/securityvulns/securityvulns:doc:4933