Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Microsoft SQL Server 2008 R2 SP3 10.50.6500.0 through 10.50.6525.0 Multiple Vulnerabilities (3045314)

High

Synopsis

The remote host is running a version of SQL Server that is vulnerable to multiple attack vectors.

Description

The remote host is running a version of Microsoft SQL Server 2008 R2 SP3 10.50.6500.0 through 10.50.6525.0 and is affected by multiple vulnerabilities :

- An unspecified type-casting flaw exists. With a specially crafted query, an authenticated, remote attacker can potentially gain escalated privileges. (CVE-2015-1761) - An unspecified flaw exists related to use of uninitialized memory. With a specially crafted query, an authenticated, remote attacker can potentially execute arbitrary code on the system. (CVE-2015-1762, CVE-2015-1763)

Solution

Update to SQL Server 2008 R2 SP3 10.50.6526.0 or higher.