Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Microsoft SQL Server 2008 SP4 10.0.6500.0 through 10.0.6526.0 Multiple Vulnerabilities (3045308)

High

Synopsis

The remote host is running a version of SQL Server that is vulnerable to multiple attack vectors.

Description

The remote host is running a version of Microsoft SQL Server 2008 SP4 10.0.6500.0 through 10.0.6526.0 and is affected by multiple vulnerabilities :

- An unspecified type-casting flaw exists. With a specially crafted query, an authenticated, remote attacker can potentially gain escalated privileges. (CVE-2015-1761) - An unspecified flaw exists related to use of uninitialized memory. With a specially crafted query, an authenticated, remote attacker can potentially execute arbitrary code on the system. (CVE-2015-1762, CVE-2015-1763)

Solution

Update to SQL Server 2008 SP4 10.0.6527.0 or higher.