This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 1998-06-29
Product Sql Server Last view 2024-01-09
Version 2012 Type
Update sp2  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:microsoft:sql_server:2000:-:*:*:*:*:*:* 40
cpe:2.3:a:microsoft:sql_server:7.0:-:*:*:*:*:*:* 32
cpe:2.3:a:microsoft:sql_server:2000:sp2:*:*:*:*:*:* 21
cpe:2.3:a:microsoft:sql_server:2000:sp1:*:*:*:*:*:* 20
cpe:2.3:a:microsoft:sql_server:2019:*:*:*:*:*:x64:* 19
cpe:2.3:a:microsoft:sql_server:2022:*:*:*:*:*:x64:* 18
cpe:2.3:a:microsoft:sql_server:2005:sp2:*:*:*:*:*:* 17
cpe:2.3:a:microsoft:sql_server:7.0:sp1:*:*:*:*:*:* 13
cpe:2.3:a:microsoft:sql_server:7.0:sp2:*:*:*:*:*:* 13
cpe:2.3:a:microsoft:sql_server:7.0:sp4:*:*:*:*:*:* 13
cpe:2.3:a:microsoft:sql_server:7.0:sp3:*:*:*:*:*:* 12
cpe:2.3:a:microsoft:sql_server:2014:sp3:*:*:*:*:*:* 11
cpe:2.3:a:microsoft:sql_server:2005:sp3:x64:*:*:*:*:* 8
cpe:2.3:a:microsoft:sql_server:2016:sp3:*:*:*:*:x64:* 8
cpe:2.3:a:microsoft:sql_server:2005:sp3:itanium:*:*:*:*:* 8
cpe:2.3:a:microsoft:sql_server:2005:sp2:itanium:*:*:*:*:* 8
cpe:2.3:a:microsoft:sql_server:2005:sp2:x64:*:*:*:*:* 8
cpe:2.3:a:microsoft:sql_server:2017:*:*:*:*:*:x64:* 8
cpe:2.3:a:microsoft:sql_server:2005:sp3:*:*:*:*:*:* 8
cpe:2.3:a:microsoft:sql_server:2012:sp4:*:*:*:*:*:* 7
cpe:2.3:a:microsoft:sql_server:2000:sp4:*:*:*:*:*:* 7
cpe:2.3:a:microsoft:sql_server:2008:sp4:*:*:*:*:*:* 5
cpe:2.3:a:microsoft:sql_server:2016:-:*:*:*:*:*:* 5
cpe:2.3:a:microsoft:sql_server:2012:sp2:*:*:*:*:*:* 5
cpe:2.3:a:microsoft:sql_server:2005:sp4:x64:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2005:sp4:itanium:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2008:sp2:itanium:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2008:sp2:x64:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2005:sp4:express_advanced_services:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2008:sp3:x64:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2008:sp3:x86:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2008:sp3:itanium:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2000:sp3:*:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2000:sp3a:*:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2008:r2_sp3:*:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2016:sp2:*:*:*:*:x64:* 4
cpe:2.3:a:microsoft:sql_server:6.5:*:*:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2014:sp2:*:*:*:*:*:* 4
cpe:2.3:a:microsoft:sql_server:2014:sp1:*:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2008:sp2:x86:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2008:r2:x64:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2005:sp4:x86:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2014:-:*:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2000:*:desktop_engine:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2008:r2:itanium:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2008:r2_sp2:*:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2012:sp1:*:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2012:sp3:*:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2008:sp3:*:*:*:*:*:* 3
cpe:2.3:a:microsoft:sql_server:2000:gold:*:*:*:*:*:* 2

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
8.7 2024-01-09 CVE-2024-0056

Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

7.8 2023-10-10 CVE-2023-36785

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8 2023-10-10 CVE-2023-36730

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

5.5 2023-10-10 CVE-2023-36728

Microsoft SQL Server Denial of Service Vulnerability

7.8 2023-10-10 CVE-2023-36420

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8 2023-10-10 CVE-2023-36417

Microsoft SQL OLE DB Remote Code Execution Vulnerability

8.8 2023-08-08 CVE-2023-38169

Microsoft SQL OLE DB Remote Code Execution Vulnerability

7.8 2023-06-16 CVE-2023-32028

Microsoft SQL OLE DB Remote Code Execution Vulnerability

7.8 2023-06-16 CVE-2023-32027

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8 2023-06-16 CVE-2023-32026

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8 2023-06-16 CVE-2023-32025

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8 2023-06-16 CVE-2023-29356

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8 2023-06-16 CVE-2023-29349

Microsoft ODBC and OLE DB Remote Code Execution Vulnerability

7.3 2023-04-11 CVE-2023-23384

Microsoft SQL Server Remote Code Execution Vulnerability

7.8 2023-02-14 CVE-2023-21718

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

8.8 2023-02-14 CVE-2023-21713

Microsoft SQL Server Remote Code Execution Vulnerability

8.8 2023-02-14 CVE-2023-21705

Microsoft SQL Server Remote Code Execution Vulnerability

7.8 2023-02-14 CVE-2023-21704

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

7.8 2023-02-14 CVE-2023-21528

Microsoft SQL Server Remote Code Execution Vulnerability

7.5 2022-06-15 CVE-2022-29143

Microsoft SQL Server Remote Code Execution Vulnerability

7.8 2022-02-09 CVE-2022-23276

SQL Server for Linux Containers Elevation of Privilege Vulnerability

8.8 2021-01-12 CVE-2021-1636

Microsoft SQL Elevation of Privilege Vulnerability

8.8 2020-02-11 CVE-2020-0618

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.

8.8 2019-07-15 CVE-2019-1068

A remote code execution vulnerability exists in Microsoft SQL Server when it incorrectly handles processing of internal functions, aka 'Microsoft SQL Server Remote Code Execution Vulnerability'.

6.5 2019-05-16 CVE-2019-0819

An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka 'Microsoft SQL Server Analysis Services Information Disclosure Vulnerability'.

CWE : Common Weakness Enumeration

%idName
23% (10) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
13% (6) CWE-189 Numeric Errors
11% (5) CWE-264 Permissions, Privileges, and Access Controls
9% (4) CWE-200 Information Exposure
9% (4) CWE-94 Failure to Control Generation of Code ('Code Injection')
9% (4) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
4% (2) CWE-399 Resource Management Errors
4% (2) CWE-284 Access Control (Authorization) Issues
4% (2) CWE-20 Improper Input Validation
2% (1) CWE-502 Deserialization of Untrusted Data
2% (1) CWE-326 Inadequate Encryption Strength
2% (1) CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('...
2% (1) CWE-74 Failure to Sanitize Data into a Different Plane ('Injection')

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-20 Encryption Brute Forcing
CAPEC-58 Restful Privilege Elevation
CAPEC-112 Brute Force

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:231 SQL Server Extended Stored Procedure Parameter Parsing
oval:org.mitre.oval:def:71 Privilege Escalation Using Cached Admin Connection
oval:org.mitre.oval:def:82 Microsoft RPC Denial of Service
oval:org.mitre.oval:def:83 Microsoft SQL Server 3-Function Buffer Overflow
oval:org.mitre.oval:def:253 SQL Server Format String Vulnerability
oval:org.mitre.oval:def:271 SQL Server OpenDataSource/OpenRowset Buffer Overflow
oval:org.mitre.oval:def:121 Microsoft SQL Server Extended Stored Procedure Buffer Overflow
oval:org.mitre.oval:def:489 Unchecked Buffer in SQLXML ISAPI Extension for Microsoft Data Access Componen...
oval:org.mitre.oval:def:484 Unchecked Buffer in SQLXML ISAPI Extension for Microsoft Data Access Componen...
oval:org.mitre.oval:def:291 Unchecked Buffer in Password Encryption Procedure
oval:org.mitre.oval:def:316 MS SQL Server Bulk Insert Procedure Buffer Overflow
oval:org.mitre.oval:def:1025 Incorrect Permission on SQL Server Service Account Registry Key
oval:org.mitre.oval:def:1077 MS SQL Server 2000 Resolution Service Buffer Overflow
oval:org.mitre.oval:def:235 SQL Server Named Pipe Hijacking
oval:org.mitre.oval:def:299 SQL Server Named Pipe Denial of Service
oval:org.mitre.oval:def:303 SQL Server LPC Port Buffer Overflow
oval:org.mitre.oval:def:14213 Memory Page Reuse Vulnerability in SQL Server
oval:org.mitre.oval:def:14052 Convert Buffer Overrun Vulnerability in SQL Server
oval:org.mitre.oval:def:13785 Buffer Overrun Vulnerability in SQL Server
oval:org.mitre.oval:def:13936 Memory Corruption Vulnerability in SQL Server
oval:org.mitre.oval:def:6055 GDI+ VML Buffer Overrun Vulnerability
oval:org.mitre.oval:def:6040 GDI+ EMF Memory Corruption Vulnerability
oval:org.mitre.oval:def:5986 GDI+ GIF Parsing Vulnerability
oval:org.mitre.oval:def:6004 GDI+ WMF Buffer Overrun Vulnerability
oval:org.mitre.oval:def:5881 GDI+ BMP Integer Overflow Vulnerability

SAINT Exploits

Description Link
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability More info here
Microsoft SQL Server Reporting Services 2016 ViewState deserialization vulnerability More info here
Microsoft SQL Server Distributed Management Objects buffer overflow More info here
Microsoft SQL Server Hello buffer overflow More info here
Microsoft SQL Server spreplwritetovarbin Buffer Overflow More info here
Microsoft SQL Server 2000 resolution service buffer overflow More info here
Microsoft Office Art Property Table Memory Corruption More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
72934 Microsoft XML Editor External Entities Resolution Unspecified Information Dis...
60004 Microsoft SQL Server Multiple Stored Procedure Unprivileged Configuration Man...
59636 Microsoft SQL Server SQL Authentication Password Encryption Weakness
58869 Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E...
58868 Microsoft Multiple Products GDI+ PNG Image Handling Integer Overflow
58867 Microsoft Multiple Products GDI+ .NET API Code Execution Privilege Escalation
58866 Microsoft Multiple Products GDI+ TIFF Image Handling Memory Corruption Arbitr...
58865 Microsoft Multiple Products GDI+ TIFF Image Handling Overflow
58864 Microsoft Multiple Products GDI+ PNG Image Handling Heap Overflow
58863 Microsoft Multiple Products GDI+ WMF Image Handling Overflow
50589 Microsoft SQL Server 2000 sp_replwritetovarbin() Stored Procedure Overflow
48220 Microsoft SQL Server SQLVDIRLib.SQLVDirControl ActiveX (Tools\Binn\sqlvdir.dl...
47969 Microsoft Multiple Products GDI+ BMP Integer Calculation Overflow
47968 Microsoft Multiple Products GDI+ WMF Image Handling Overflow
47967 Microsoft Multiple Products GDI+ GIF Image Handling Arbitrary Code Execution
47966 Microsoft Multiple Products GDI+ EMF File Handling Memory Corruption
47965 Microsoft Multiple Products GDI+ VML Gradient Size Handling Overflow
46773 Microsoft SQL Server Memory Page Reuse Information Disclosure
46772 Microsoft SQL Server Convert Function Overflow
46771 Microsoft SQL Server Stored Backup File Processing Memory Corruption Arbitrar...
46770 Microsoft SQL Server Crafted Insert Statement Overflow
38399 Microsoft SQL Server Enterprise Manager Distributed Management Objects OLE DL...
13434 Microsoft Windows Distributed Transaction Coordinator (DTC) Malformed Input DoS
10379 Microsoft SQL Server Large Query DoS
10183 Microsoft SQL Server xp_sprintf Function DoS

ExploitDB Exploits

id Description
21693 Microsoft SQL Server 2000 User Authentication Remote Buffer Overflow Vulnerab...

OpenVAS Exploits

id Description
2012-10-10 Name : Microsoft SQL Server Report Manager Cross Site Scripting Vulnerability (2754849)
File : nvt/secpod_ms12-070.nasl
2012-08-15 Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2720573)
File : nvt/secpod_ms12-060.nasl
2012-04-11 Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
File : nvt/secpod_ms12-027.nasl
2012-03-16 Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe...
File : nvt/gb_VMSA-2011-0003.nasl
2011-06-21 Name : Microsoft XML Editor Information Disclosure Vulnerability (2543893)
File : nvt/secpod_ms11-049.nasl
2011-01-18 Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
File : nvt/gb_ms08-052.nasl
2009-10-21 Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)
File : nvt/secpod_ms09-062.nasl
2008-12-16 Name : Microsoft SQL Server sp_replwritetovarbin() BOF Vulnerability
File : nvt/gb_mssql_sp_replwritetovarbin_bof_vuln.nasl
2008-12-02 Name : Microsoft SQL Server 2000 sqlvdir.dll ActiveX Buffer Overflow Vulnerability
File : nvt/secpod_ms_sql_server_2000_activex_bof_vuln_900125.nasl
2008-10-14 Name : MS SQL Server Elevation of Privilege Vulnerabilities (941203)
File : nvt/gb_ms08-040.nasl
2006-03-26 Name : Microsoft's SQL Version Query
File : nvt/mssql_version.nasl
2005-11-03 Name : MSDTC denial of service by flooding with nul bytes
File : nvt/msdtc_dos.nasl
2005-11-03 Name : Microsoft's SQL Hello Overflow
File : nvt/mssql_hello_overflow.nasl
2005-11-03 Name : SMB Registry : SQL7 Patches
File : nvt/smb_mssql7.nasl
2005-11-03 Name : XML Core Services patch (Q318203)
File : nvt/smb_nt_ms02-008.nasl
2005-11-03 Name : Cumulative Patch for Internet Information Services (Q327696)
File : nvt/smb_nt_ms02-018.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0171 Multiple Vulnerabilities in Microsoft SQL Server (MS15-058)
Severity: Category II - VMSKEY: V0061125
2014-A-0126 Multiple Vulnerabilities in Microsoft SQL Server
Severity: Category II - VMSKEY: V0053801
2012-A-0160 Microsoft SQL Server Cross-Site Scripting Vulnerability
Severity: Category II - VMSKEY: V0034177
2012-A-0132 Microsoft Windows Common Controls Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0033659
2012-A-0059 Microsoft Windows Common Controls Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0031982
2011-B-0064 Microsoft XML Editor Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0028601
2011-A-0066 Multiple Vulnerabilities in VMware Products
Severity: Category I - VMSKEY: V0027158
2009-A-0099 Multiple Vulnerabilities in Microsoft GDI+
Severity: Category I - VMSKEY: V0021759
2009-A-0012 Microsoft SQL Server Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0018387
2008-T-0053 WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability
Severity: Category II - VMSKEY: V0017532

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 xp_updatecolvbm vulnerable function attempt
RuleID : 8540 - Type : SERVER-MSSQL - Revision : 8
2014-01-10 xp_updatecolvbm unicode vulnerable function attempt
RuleID : 8539 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_updatecolvbm unicode vulnerable function attempt
RuleID : 8538 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_showcolv vulnerable function attempt
RuleID : 8531 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_showcolv unicode vulnerable function attempt
RuleID : 8530 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_showcolv unicode vulnerable function attempt
RuleID : 8529 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_SetSQLSecurity vulnerable function attempt
RuleID : 8528 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_SetSQLSecurity unicode vulnerable function attempt
RuleID : 8527 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_SetSQLSecurity unicode vulnerable function attempt
RuleID : 8526 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_proxiedmetadata vulnerable function attempt
RuleID : 8525 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_proxiedmetadata unicode vulnerable function attempt
RuleID : 8524 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_proxiedmetadata unicode vulnerable function attempt
RuleID : 8523 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_printstatements vulnerable function attempt
RuleID : 8522 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_printstatements unicode vulnerable function attempt
RuleID : 8521 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_printstatements unicode vulnerable function attempt
RuleID : 8520 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_peekqueue vulnerable function attempt
RuleID : 8519 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_peekqueue unicode vulnerable function attempt
RuleID : 8518 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_peekqueue unicode vulnerable function attempt
RuleID : 8517 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 xp_enumresultset vulnerable function attempt
RuleID : 8504 - Type : SERVER-MSSQL - Revision : 8
2014-01-10 xp_enumresultset unicode vulnerable function attempt
RuleID : 8503 - Type : SERVER-MSSQL - Revision : 8
2014-01-10 xp_enumresultset unicode vulnerable function attempt
RuleID : 8502 - Type : SERVER-MSSQL - Revision : 8
2014-01-10 xp_displayparamstmt vulnerable function attempt
RuleID : 8501 - Type : SERVER-MSSQL - Revision : 8
2014-01-10 xp_displayparamstmt unicode vulnerable function attempt
RuleID : 8500 - Type : SERVER-MSSQL - Revision : 8
2014-01-10 xp_displayparamstmt unicode vulnerable function attempt
RuleID : 8499 - Type : SERVER-MSSQL - Revision : 10
2014-01-10 formatmessage possible buffer overflow
RuleID : 8495 - Type : SQL - Revision : 6

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2017-08-08 Name: The remote SQL server is affected by an information disclosure vulnerability.
File: smb_nt_ms17_aug_mssql.nasl - Type: ACT_GATHER_INFO
2016-11-08 Name: The remote SQL server is affected by multiple vulnerabilities.
File: smb_nt_ms16-136.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote VMware ESX / ESXi host is missing a security-related patch.
File: vmware_VMSA-2011-0003_remote.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The remote SQL Server installation is affected by multiple vulnerabilities.
File: smb_nt_ms15-058.nasl - Type: ACT_GATHER_INFO
2015-07-14 Name: The remote SQL Server installation is affected by multiple vulnerabilities.
File: smb_kb3065718.nasl - Type: ACT_GATHER_INFO
2014-08-12 Name: A cross-site scripting vulnerability in SQL Server could allow an elevation o...
File: smb_kb2984340.nasl - Type: ACT_GATHER_INFO
2014-08-12 Name: A cross-site scripting vulnerability in SQL Server could allow an elevation o...
File: smb_nt_ms14-044.nasl - Type: ACT_GATHER_INFO
2014-03-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_kb957488.nasl - Type: ACT_GATHER_INFO
2014-03-10 Name: An application on the remote Windows host has an information disclosure vulne...
File: smb_kb2543893.nasl - Type: ACT_GATHER_INFO
2012-10-10 Name: A cross-site scripting vulnerability in SQL Server could allow elevation of p...
File: smb_kb2754849.nasl - Type: ACT_GATHER_INFO
2012-10-10 Name: A cross-site scripting vulnerability in SQL Server could allow elevation of p...
File: smb_nt_ms12-070.nasl - Type: ACT_GATHER_INFO
2012-08-15 Name: The remote Windows host has a code execution vulnerability.
File: smb_nt_ms12-060.nasl - Type: ACT_GATHER_INFO
2012-04-11 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms12-027.nasl - Type: ACT_GATHER_INFO
2011-06-15 Name: An application on the remote Windows host has an information disclosure vulne...
File: smb_nt_ms11-049.nasl - Type: ACT_GATHER_INFO
2011-02-14 Name: The remote VMware ESXi / ESX host is missing one or more security-related pat...
File: vmware_VMSA-2011-0003.nasl - Type: ACT_GATHER_INFO
2009-10-15 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_nt_ms09-062.nasl - Type: ACT_GATHER_INFO
2009-02-11 Name: A database application installed on the remote host is affected by a remote c...
File: smb_kb959420.nasl - Type: ACT_GATHER_INFO
2009-02-11 Name: Arbitrary code can be executed on the remote host through Microsoft SQL Server.
File: smb_nt_ms09-004.nasl - Type: ACT_GATHER_INFO
2008-09-29 Name: The remote SQL server is affected by multiple vulnerabilities.
File: smb_kb941203.nasl - Type: ACT_GATHER_INFO
2008-09-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_nt_ms08-052.nasl - Type: ACT_GATHER_INFO
2008-07-08 Name: The remote Microsoft SQL Server install is vulnerable to memory corruption fl...
File: smb_nt_ms08-040.nasl - Type: ACT_GATHER_INFO
2003-10-08 Name: The remote SQL Server is affected by a local privilege escalation vulnerability.
File: mssql_lte_7.nasl - Type: ACT_GATHER_INFO
2003-07-24 Name: Arbitrary code can be executed on the remote host through the SQL service.
File: smb_nt_ms03-031.nasl - Type: ACT_GATHER_INFO
2003-03-09 Name: The remote SQL server is vulnerable to an information disclosure attack.
File: smb_nt_ms00-035.nasl - Type: ACT_GATHER_INFO
2003-03-06 Name: It may be possible to get the remote SQL Server's administrator password.
File: smb_nt_ms02-035.nasl - Type: ACT_GATHER_INFO