Product:

Sql_server

(Microsoft)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 108
Date Id Summary Products Score Patch Annotated
2008-09-10 CVE-2008-3015 Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a BMP image file with a malformed BitMapInfoHeader that triggers a buffer overflow, aka "GDI+ BMP... Digital_image_suite, Forefront_client_security, Office, Office_powerpoint_viewer, Report_viewer, Sql_server, Sql_server_reporting_services, Visio, Works N/A
2008-09-10 CVE-2008-3014 Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code... Digital_image_suite, Forefront_client_security, Internet_explorer, Office, Office_powerpoint_viewer, Report_viewer, Server, Sql_server, Sql_server_reporting_services, Visio, Windows\-Nt, Windows_vista, Windows_xp, Works N/A
2008-09-10 CVE-2008-3012 gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 does not properly perform memory allocation, which allows remote... Digital_image_suite, Forefront_client_security, Internet_explorer, Office, Office_powerpoint_viewer, Office_system, Report_viewer, Server, Sql_server, Sql_server_reporting_services, Visio, Windows, Windows\-Nt, Windows_vista, Windows_xp, Works N/A
2008-07-08 CVE-2008-0107 Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory... Data_engine, Sql_server, Sql_server_desktop_engine, Windows_server_2008, Wmsde, Wyukon N/A
2008-07-08 CVE-2008-0106 Buffer overflow in Microsoft SQL Server 2005 SP1 and SP2, and 2005 Express Edition SP1 and SP2, allows remote authenticated users to execute arbitrary code via a crafted insert statement. Data_engine, Sql_server, Sql_server_desktop_engine, Sql_server_express_edition N/A
2008-07-08 CVE-2008-0086 Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. Data_engine, Sql_server, Sql_server_desktop_engine, Sql_server_express_edition N/A
2008-07-08 CVE-2008-0085 SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse. Data_engine, Sql_server, Sql_server_desktop_engine, Wmsde, Wyukon N/A
2008-09-10 CVE-2007-5348 Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2008, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via an image... Digital_image_suite, Forefront_client_security, Internet_explorer, Office, Office_powerpoint_viewer, Office_system, Report_viewer, Server, Sql_server, Sql_server_reporting_services, Visio, Windows, Windows\-Nt, Windows_vista, Windows_xp, Works N/A
2007-09-11 CVE-2007-4814 Buffer overflow in the SQLServer ActiveX control in the Distributed Management Objects OLE DLL (sqldmo.dll) 2000.085.2004.00 in Microsoft SQL Server Enterprise Manager 8.05.2004 allows remote attackers to execute arbitrary code via a long second argument to the Start method. Sql_server N/A
2004-12-31 CVE-2004-1560 Microsoft SQL Server 7.0 allows remote attackers to cause a denial of service (mssqlserver service halt) via a long request to TCP port 1433, possibly triggering a buffer overflow. Sql_server N/A