62 matches found
KB3045318 - MS15-058: Description of the security update for SQL Server 2012 SP1 GDR: July 14, 2015
KB3045318 - MS15-058: Description of the security update for SQL Server 2012 SP1 GDR: July 14, 2015 Summary This update resolves vulnerabilities in Microsoft SQL Server that could allow remote code execution if an authenticated attacker runs a specially crafted query that is designed to execute a...
KB2958429 - Bugs that are fixed in SQL Server 2012 Service Pack 2
KB2958429 - Bugs that are fixed in SQL Server 2012 Service Pack 2 Introduction This article lists the bugs that are fixed in Microsoft SQL Server 2012 Service Pack 2 SP2. Notes Additional fixes that are not documented here may also be included in the service pack. This list will be updated when...
KB3152635 - Cumulative Update 3 for SQL Server 2012 SP3
KB3152635 - Cumulative Update 3 for SQL Server 2012 SP3 This article describes cumulative update package 3 Build number: 11.0.6537.0 for Microsoft SQL Server 2012 Service Pack 3 SP3. This update contains fixes that were released after the release of SQL Server 2012 SP3. Notes Cumulative updates a...
Starbucks: SQL Injection Extracts Starbucks Enterprise Accounting, Financial, Payroll Database
As described in the Hacker Summary, @spaceraccoon discovered a SQL Injection vulnerability in a web service backed by Microsoft Dynamics AX. @spaceraccoon demonstrated that the flaw was exploitable via XML-formatted HTTP payload requests to the server. We appreciate @spaceraccoon's clear and...
Description of the security update for SQL Server 2012 SP4 GDR: January 12, 2018
Description of the security update for SQL Server 2012 SP4 GDR: January 12, 2018 Summary Microsoft is aware of detailed information that has been published about a class of vulnerabilities referred to as speculative execution side-channel attacks. To learn more about the vulnerabilities, see...
Description of the security update for SQL Server 2012 SP3 GDR: January 16, 2018
Description of the security update for SQL Server 2012 SP3 GDR: January 16, 2018 Summary Microsoft is aware of a new publicly disclosed class of vulnerabilities that are referred to as “speculative execution side-channel attacks” that affect many modern processors and operating systems including...
Description of the security update for SQL Server 2012 SP3 CU: January 16, 2018
Description of the security update for SQL Server 2012 SP3 CU: January 16, 2018 Summary Microsoft is aware of a new publicly disclosed class of vulnerabilities that are referred to as “speculative execution side-channel attacks” that affect many modern processors and operating systems including...
KB4019090 - Description of the security update for SQL Server 2012 Service Pack 3 CU: August 8, 2017
KB4019090 - Description of the security update for SQL Server 2012 Service Pack 3 CU: August 8, 2017 Summary This update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow an attacker to exploit the vulnerability if the attacker's credentials allow acces...
MS12-070: Description of the security update for SQL Server 2012 GDR: October 9, 2012
MS12-070: Description of the security update for SQL Server 2012 GDR: October 9, 2012 View products that this article applies to.Microsoft has released security bulletin MS12-070. To view the complete security bulletin, go to one of the following Microsoft websites: Home users:...
Update Rollup 7 for System Center 2012 Orchestrator Service Pack 1
Update Rollup 7 for System Center 2012 Orchestrator Service Pack 1 Introduction This article describes the issues that are fixed in Update Rollup 7 for Microsoft System Center 2012 Orchestrator Service Pack 1 SP1. This article also contains the installation instructions for Update Rollup 7 for...
MS14-044: Description of the security update for SQL Server 2012 Service Pack 1 (GDR): August 12, 2014
MS14-044: Description of the security update for SQL Server 2012 Service Pack 1 GDR: August 12, 2014 Introduction A security issue has been identified in Microsoft SQL Server 2012 Service Pack 1 that could allow an attacker to compromise your system and gain control over it. You can help protect...
MS12-070: Description of the security update for SQL Server 2012 QFE: October 9, 2012
MS12-070: Description of the security update for SQL Server 2012 QFE: October 9, 2012 View products that this article applies to.Microsoft has released security bulletin MS12-070. To view the complete security bulletin, go to one of the following Microsoft websites: Home users:...
An update is available for System Center Advisor: May 2012
An update is available for System Center Advisor: May 2012 Summary Microsoft has released the on-premises client Update Rollup 1 for Microsoft System Center Advisor. This update is dated May 22, 2012. This article describes the following information about the update: The issues that the update...
CVE-2016-7254
Microsoft SQL Server 2012 SP2 and 2012 SP3 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."...
KB3194725 - MS16-136: Description of the security update for SQL Server 2012 Service Pack 2 CU: November 8, 2016
KB3194725 - MS16-136: Description of the security update for SQL Server 2012 Service Pack 2 CU: November 8, 2016 Summary This update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow an attacker to gain elevated privileges that might be used to create...
MS16-136: Description of the security update for SQL Server 2012 Service Pack 3 GDR: November 8, 2016
MS16-136: Description of the security update for SQL Server 2012 Service Pack 3 GDR: November 8, 2016 Summary This update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow an attacker to gain elevated privileges that might be used to create accounts, or...
KB3194719 - MS16-136: Description of the security update for SQL Server 2012 Service Pack 2 GDR: November 8, 2016
KB3194719 - MS16-136: Description of the security update for SQL Server 2012 Service Pack 2 GDR: November 8, 2016 Summary This update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow an attacker to gain elevated privileges that might be used to create...
KB3194724 - MS16-136: Description of the security update for SQL Server 2012 Service Pack 3 CU: November 8, 2016
KB3194724 - MS16-136: Description of the security update for SQL Server 2012 Service Pack 3 CU: November 8, 2016 Summary This update resolves vulnerabilities in Microsoft SQL Server. The most severe vulnerabilities could allow an attacker to gain elevated privileges that might be used to create...
Microsoft SQL Server Elevation of Privilege Vulnerability (2984340)
This host is missing an important security update according to Microsoft Bulletin MS14-044. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2014-1820
Cross-site scripting XSS vulnerability in Master Data Services MDS in Microsoft SQL Server 2012 SP1 and 2014 on 64-bit platforms allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "SQL Master Data Services XSS Vulnerability."...