SecurityHome.eu MS15-058 - Important: Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718)

Home / bulletins

MS15-058 - Important: Vulnerabilities in SQL Server Could Allow Remote Code Execution (3065718) - Version: 1.0
Posted on 15 July 2015
There is an newer version: MS15-058 - Version: 1.2
Important
Severity Rating: Important
Revision Note: V1.0 (July 14, 2015): Bulletin published
Summary: This security update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a virtual function from a wrong address, leading to a function call to uninitialized memory. To exploit this vulnerability an attacker would need permissions to create or modify a database.
Link
Other versions
MS15-058 - Version: 1.0
MS15-058 - Version: 1.1
MS15-058 - Version: 1.2

TOP

Bulletins :

4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 2.0 -
4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0 -
4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 1.0 -
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - 1.1
MS16-JUL Security Bulletin Summary for July 2016 - 2.0

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20