Multiple vulnerabilities in Microsoft SQL Server

Описание

Multiple serious vulnerabilities have been found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to cause denial of service or inject arbitrary code.

Below is a complete list of vulnerabilities

1. Lack of stack memory restrictions can be exploited remotely via a specially designed T-SQL statement;
2. XSS vulnerability can be exploited remotely via a specially designed URL.

Первичный источник обнаружения

• CVE-2014-4061
  CVE-2014-1820
  

Связанные продукты

• Microsoft-SQL-Server

Список CVE

• CVE-2014-4061
  high
• CVE-2014-1820
  warning

Список KB

• 2977319
• 2977316
• 2977315
• 2977326
• 2984340
• 2977325
• 2977322
• 2977320
• 2977321

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com