Download
| Alert*
|
oval:org.secpod.oval:def:47963
SQL Server Management Studio is installed oval:org.secpod.oval:def:58909 SQL Server Management Studio is installed oval:org.secpod.oval:def:47965 SQL Server Management Studio is installed oval:org.secpod.oval:def:47966 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XMLA file containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration ... oval:org.secpod.oval:def:47967 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing malicious XML content containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration ... oval:org.secpod.oval:def:47964 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when parsing a malicious XEL file containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity declaration. ... oval:org.secpod.oval:def:58910 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio when it improperly enforces permissions. An attacker could exploit the vulnerability if the attacker's credentials allow access to an affected SQL server database. An attacker who successfully exploited the vuln ... oval:org.secpod.oval:def:58911 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio when it improperly enforces permissions. An attacker could exploit the vulnerability if the attacker's credentials allow access to an affected SQL server database. An attacker who successfully exploited the vuln ... oval:org.secpod.oval:def:64937 A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require execution on the victim system. |
