SecurityHome.eu MS15-058 - Important: Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718)

Home / bulletins

MS15-058 - Important: Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718) - Version: 1.1
Posted on 23 July 2015
There is an newer version: MS15-058 - Version: 1.2
Important
Severity Rating: Important
Revision Note: V1.1 (July 22, 2015): Bulletin revised to improve the Update FAQ section to help customers more easily identify the correct update to apply based on a currently installed version of SQL Server. This is an informational change only. Customers who have already successfully installed the update do not need to take any action.
Summary: This security update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a virtual function from a wrong address, leading to a function call to uninitialized memory. To exploit this vulnerability an attacker would need permissions to create or modify a database.
Link
Other versions
MS15-058 - Version: 1.0
MS15-058 - Version: 1.1
MS15-058 - Version: 1.2

TOP

Bulletins :

Last 20

Exploits :

Last 20