THREATINT

We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)

Ok

PUBLISHED

CVE-2024-26166

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Reserved:2024-02-14
Published:2024-03-12
Updated:2024-06-11

Description

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability



HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C

Problem types

CWE-122: Heap-based Buffer Overflow

Product status

10.0.0 before 10.0.17763.5576
affected

10.0.0 before 10.0.17763.5576
affected

10.0.0 before 10.0.17763.5576
affected

10.0.0 before 10.0.20348.2340
affected

10.0.0 before 10.0.20348.2333
affected

10.0.0 before 10.0.22000.2836
affected

10.0.0 before 10.0.19044.4170
affected

10.0.0 before 10.0.22621.3296
affected

10.0.0 before 10.0.19045.4170
affected

10.0.0 before 10.0.22631.3296
affected

10.0.0 before 10.0.22631.3296
affected

10.0.0 before 10.0.25398.763
affected

10.0.0 before 10.0.10240.20526
affected

10.0.0 before 10.0.14393.6796
affected

10.0.0 before 10.0.14393.6796
affected

10.0.0 before 10.0.14393.6796
affected

6.0.0 before 6.0.6003.22567
affected

6.0.0 before 6.0.6003.22567
affected

6.0.0 before 6.0.6003.22567
affected

6.1.0 before 6.1.7601.27017
affected

6.0.0 before 6.1.7601.27017
affected

6.2.0 before 6.2.9200.24768
affected

6.2.0 before 6.2.9200.24768
affected

6.3.0 before 6.3.9600.21871
affected

6.3.0 before 6.3.9600.21871
affected

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26166 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability) vendor-advisory

cve.org CVE-2024-26166

nvd.nist.gov CVE-2024-26166

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2024-26166