Operational Defect Database
BugZero found this defect 459 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Microsoft SQL Server | 2086044
Fixes an issue where an authenticated attacker could affect SQL Server memory when executing a specially crafted CREATE STATISTICS or UPDATE STATISTICS statement.
Last update date:
2/16/2023
Affected products:
SQL Server 2022 on Linux
SQL Server 2022 on Windows
Affected releases:
build lower than 16.0.4003.1
Fixed releases:
16.0.4003.1
Description:
Fixes an issue where an authenticated attacker could affect SQL Server memory when executing a specially crafted CREATE STATISTICS or UPDATE STATISTICS statement.
