CVE-2016-7250
published 2016-11-10CVE-2016-7250: Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain…
high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
Microsoft SQL Server 2014 SP1, 2014 SP2, and 2016 does not properly perform a cast of an unspecified pointer, which allows remote authenticated users to gain privileges via unknown vectors, aka "SQL RDBMS Engine Elevation of Privilege Vulnerability."
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | sql_server | — | — |
| microsoft | sql_server | — | — |
| msrc | microsoft_sql_server_2014_service_pack_1_for_32-bit_systems | — | — |
| msrc | microsoft_sql_server_2014_service_pack_1_for_x64-based_systems | — | — |
| msrc | microsoft_sql_server_2014_service_pack_2_for_32-bit_systems | — | — |
| msrc | microsoft_sql_server_2014_service_pack_2_for_x64-based_systems | — | — |
| msrc | microsoft_sql_server_2016_for_x64-based_systems | — | — |