Design/Logic Flaw

🗓️ 08 Jul 2008 23:41:00Reported by PRIOn knowledge baseType

SQL Server 7.0 SP4 and later versions do not initialize memory pages when reallocating memory, allowing access to sensitive information via memory page reuse

Reporter	Title	Published	Views	Family All 15
CVE	CVE-2008-0085	8 Jul 200823:00	–	cve
Cvelist	CVE-2008-0085	8 Jul 200823:00	–	cvelist
Microsoft KB	KB941203 - MS08-040: Vulnerabilities in Microsoft SQL Server could allow elevation of privilege	20 Oct 202007:12	–	mskb
NVD	CVE-2008-0085	8 Jul 200823:41	–	nvd
OpenVAS	VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX	16 Mar 201200:00	–	openvas
OpenVAS	VMware ESXi/ESX Third party component updates (VMSA-2011-0003.2)	16 Mar 201200:00	–	openvas
OpenVAS	Microsoft SQL Server Elevation of Privilege Vulnerabilities (941203)	14 Oct 200800:00	–	openvas
OpenVAS	MS SQL Server Elevation of Privilege Vulnerabilities (941203)	14 Oct 200800:00	–	openvas
securityvulns	Microsoft Security Bulletin MS08-040 – Important Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203)	9 Jul 200800:00	–	securityvulns
securityvulns	Microsoft SQL Server multiple security vulnerabilities	10 Jul 200800:00	–	securityvulns

Source	Link
us-cert	www.us-cert.gov/cas/techalerts/TA08-190A.html
secunia	www.secunia.com/advisories/30970
securitytracker	www.securitytracker.com/id
vmware	www.vmware.com/support/vsphere4/doc/vsp_vc41_u1_rel_notes.html
vmware	www.vmware.com/security/advisories/VMSA-2011-0003.html
vupen	www.vupen.com/english/advisories/2008/2022/references
oval	www.oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14213
docs	www.docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-040
securityfocus	www.securityfocus.com/archive/1/516397/100/0/threaded

28 Feb 2019 00:59Current

6.6Medium risk

Vulners AI Score6.6

EPSS0.30428