MS14-044: Vulnerability in SQL Server Could Allow Elevation of Privilege (2984340) (uncredentialed check)
Medium Nessus Plugin ID 77161
SynopsisA cross-site scripting vulnerability in SQL Server could allow an elevation of privilege.
DescriptionThe remote host has a version of Microsoft SQL Server installed. This version of SQL Server is potentially affected by multiple vulnerabilities :
- A cross-site scripting vulnerability exists in the SQL Master Data Services. (CVE-2014-1820)
- A denial of service vulnerability exists in SQL Server.
SolutionMicrosoft has released a set of patches for SQL Server 2008, 2008 R2, 2012, and 2014.