CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-1761

Microsoft SQL Server 2008 SP3 and SP4, 2008 R2 SP2 and SP3, 2012 SP1 and SP2, and 2014 uses an incorrect class during casts of unspecified pointers, which allows remote authenticated users to gain privileges by leveraging certain write access, aka "SQL Server Elevation of Privilege Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.094

EPSS Ranking 92.3%

CVSS Severity

CVSS v2 Score 6.5

References

http://www.securitytracker.com/id/1032893
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-058
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05382740
http://www.securitytracker.com/id/1032893
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-058
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05382740

Products affected by CVE-2015-1761

Microsoft » Sql Server » Version: 2008

cpe:2.3:a:microsoft:sql_server:2008
Microsoft » Sql Server » Version: 2012

cpe:2.3:a:microsoft:sql_server:2012
Microsoft » Sql Server » Version: 2014

cpe:2.3:a:microsoft:sql_server:2014

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-1761

Products

Pricing

Contact Us