Privilege Escalation Vulnerabilities in Microsoft SQL Server - MS08-040ID: oval:org.secpod.oval:def:3185 | Date: (C)2011-11-22 (M)2021-06-02 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS08-040. The update is required to fix privilege escalation vulnerabilities. The flaws are present in Microsoft SQL Server, which fails to handle functions such as page reusage, allocating more memory for the convert function, validating on-disk files before loading them, and validating insert statements. Successful exploitation could allow an attacker to run code and to take complete control of an affected system.
Platform: |
Microsoft Windows 2000 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Product: |
Microsoft SQL Server 2000 |
Microsoft SQL Server 2000 Desktop Engine (WMSDE) |
Microsoft SQL Server 2005 |
Windows Internal Database (WYukon) |