Assigner | microsoft |
Reserved | 2024-03-13 |
Published | 2024-04-09 |
Updated | 2024-06-11 |
Description
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
HIGH: 8.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
Problem types
CWE-122: Heap-based Buffer Overflow
Product status
15.0.0 before 15.0.4360.2
affected
16.0.0 before 16.0.4120.1
affected
15.0.0 before 15.0.2110.4
affected
16.0.0 before 16.0.1115.1
affected
17.0.0.0 before 17.10.6.1
affected
17.0.0.0 before 17.10.6.1
affected
17.0.0.0 before 17.10.6.1
affected
18.0.0.0 before 18.3.3.1
affected
18.0.0.0 before 18.3.3.1
affected
18.0.0.0 before 18.3.3.1
affected
16.11.0 before 16.11.35
affected
17.0 before 17.9.6
affected
17.4.0 before 17.4.18
affected
17.6.0 before 17.6.14
affected
17.8.0 before 17.8.9
affected
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28935 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability) vendor-advisory
cve.org CVE-2024-28935
nvd.nist.gov CVE-2024-28935
Download JSON