2 matches found
CVE-2014-1820
CVE-2014-1820 describes a cross-site scripting (XSS) vulnerability in Microsoft SQL Server's Master Data Services (MDS). Affected products/versions are SQL Server 2012 SP1 and SQL Server 2014 running on 64-bit platforms, where a crafted URL can cause the MDS web interface to execute arbitrary scr...
CVE-2014-4061
CVE-2014-4061 affects Microsoft SQL Server 2008 SP3, SQL Server 2008 R2 SP2, and SQL Server 2012 SP1. The root cause is improper control of stack memory when processing T-SQL batch commands, enabling remote authenticated users to cause a denial of service (daemon hang). Connected sources align on...