KLA10615
Multiple vulnerabilities in Microsoft SQL Server

Обновлено: 03/06/2020

Дата обнаружения	12/08/2014
Уровень угрозы	Critical
Описание	Multiple serious vulnerabilities have been found in Microsoft SQL Server. Malicious users can exploit these vulnerabilities to cause denial of service or inject arbitrary code. Below is a complete list of vulnerabilities Lack of stack memory restrictions can be exploited remotely via a specially designed T-SQL statement; XSS vulnerability can be exploited remotely via a specially designed URL.
Пораженные продукты	Microsoft SQL Server 2008 x86, x64, Itanium Service Pack 3 Microsoft SQL Server 2008 R2 x86, x64, Itanium Service Pack 2 Microsoft SQL Server 2012 x86, x64 Service Pack 1 Microsoft SQL Server 2014 x64
Решение	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения	CVE-2014-4061 CVE-2014-1820
Оказываемое влияние ?	DoS [?] CI [?]
Связанные продукты	Microsoft SQL Server
CVE-IDS	CVE-2014-40616.8High CVE-2014-18204.3Warning

KLA10615Multiple vulnerabilities in Microsoft SQL Server