CVE-2018-8273

CRITICAL

Microsoft SQL Server - Buffer Overflow

Title source: llm
STIX 2.1

Description

A buffer overflow vulnerability exists in the Microsoft SQL Server that could allow remote code execution on an affected system, aka "Microsoft SQL Server Remote Code Execution Vulnerability." This affects Microsoft SQL Server.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1041467
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/104967

Scores

CVSS v3 9.8
EPSS 0.2921
EPSS Percentile 98.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (2)
microsoft/sql_server 2016 sp1 (2 CPE variants)
microsoft/sql_server 2017
Published Aug 15, 2018
Tracked Since Feb 18, 2026