Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA11310
ACE vulnerability in Microsoft SQL Server

Updated: 06/03/2020
Detect date
?
 08/14/2018
Severity
?
 Critical
Description

A buffer overflow vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability via specially crafted query to execute arbitrary code.
Affected products

Microsoft SQL Server 2016 for x64-based Systems Service Pack 1
Microsoft SQL Server 2016 for x64-based Systems Service Pack 1 (CU)
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2
Microsoft SQL Server 2016 for x64-based Systems Service Pack 2 (CU)
Microsoft SQL Server 2017 for x64-based Systems
Microsoft SQL Server 2017 for x64-based Systems (CU)
Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories

CVE-2018-8273
Impacts
?
ACE 
[?]
Related products
 Microsoft SQL Server
KB list

4293808
4293805
4293802
4293803
4458621
4458842
Microsoft official advisories
 Microsoft Security Update Guide
Find out the statistics of the vulnerabilities spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up