Skip to main content

Microsoft SQL Server Remote Code Execution Vulnerabilities

Last Update Date: 31 Jul 2015 Release Date: 15 Jul 2015 6889 Views

RISK: High Risk

TYPE: Servers - Database Servers

TYPE: Database Servers
  1. SQL Server Elevation of Privilege Vulnerability
    An elevation of privilege vulnerability exists in Microsoft SQL Server when it improperly casts pointers to an incorrect class. An attacker could exploit the vulnerability if their credentials allow access to an affected SQL server database. An attacker who successfully exploited this vulnerability could gain elevated privileges that could be used to view, change, or delete data; or create new accounts.
  2. SQL Server Remote Code Execution Vulnerability
    A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles internal function calls to uninitialized memory. An attacker could exploit the vulnerability if a privileged user runs a specially crafted query on an affected SQL server that has special permission settings (such as VIEW SERVER STATE) turned on. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
  3. SQL Server Remote Code Execution Vulnerability
    An authenticated remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles internal function calls to uninitialized memory. An attacker could exploit the vulnerability if a privileged user runs a specially crafted query that is designed to execute a virtual function from a wrong address, leading to a function call to uninitialized memory. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.

Impact

  • Elevation of Privilege
  • Remote Code Execution

System / Technologies affected

  • SQL Server 2008 Service Pack 3
  • SQL Server 2008 Service Pack 4
  • SQL Server 2008 R2 Service Pack 2
  • SQL Server 2008 R2 Service Pack 3
  • SQL Server 2012 Service Pack 1
  • SQL Server 2012 Service Pack 2
  • SQL Server 2014

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link