Memory Initialization Flaw in Microsoft SQL Server and Data Engine Products
CVE-2008-0085
Currently unrated
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 8 July 2008
What is CVE-2008-0085?
A vulnerability in Microsoft SQL Server and its associated database engines, such as the Microsoft Data Engine (MSDE), arises from improper memory page initialization. This flaw allows attackers or unauthorized database operators to potentially access sensitive information by exploiting the reuse of memory pages when reallocating memory. Affected versions include SQL Server 7.0, 2000, and 2005 series, as well as MSDE 2000 SP4. This could lead to significant data exposure in environments relying on these affected versions.