| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS-15-058 | Microsoft SQL Server Remote Code Execution Vulnerability | Microsoft SQL Server | Important | 30-05-2024 |
Technical Information
A remote code execution vulnerability where an authenticated attacker runs a specially crafted query to create or modify a database, could execute a virtual function from a wrong address, leading to a function call to uninitialized memory.
Patch Release Date: July 14, 2015
Further information on this vulnerability is available at: MS15-058
Affected Software
SQL Server 2008 Service Pack 3,SQL Server 2008 Service Pack 4,
SQL Server 2008 R2 Service Pack 2,
SQL Server 2008 R2 Service Pack 3,
SQL Server 2012 Service Pack 1,
SQL Server 2012 Service Pack 2,
SQL Server 2014