Home
Description
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
PUBLISHED Reserved 2024-03-13 | Published 2024-04-09 | Updated 2025-05-03 | Assigner microsoft
HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
Problem types
CWE-122: Heap-based Buffer Overflow
Product status
15.0.0 (custom) before 15.0.2110.4
affected
16.0.0 (custom) before 16.0.1115.1
affected
17.0.0.0 (custom) before 17.10.6.1
affected
17.0.0.0 (custom) before 17.10.6.1
affected
17.0.0.0 (custom) before 17.10.6.1
affected
18.0.0.0 (custom) before 18.3.3.1
affected
18.0.0.0 (custom) before 18.3.3.1
affected
18.0.0.0 (custom) before 18.3.3.1
affected
15.0.0 (custom) before 15.0.4360.2
affected
16.0.0 (custom) before 16.0.4120.1
affected
16.11.0 (custom) before 16.11.35
affected
17.4.0 (custom) before 17.4.18
affected
17.0 (custom) before 17.9.6
affected
17.6.0 (custom) before 17.6.14
affected
17.8.0 (custom) before 17.8.9
affected
References
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-28937 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability) vendor-advisory
cve.org
(CVE-2024-28937)
nvd.nist.gov
(CVE-2024-28937)
Download JSON