==================================================================== CERT-Renater Note d'Information No. 2012/VULN399 ____________________________________________________________________ DATE : 10/10/2012 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S) : Systems running Microsoft SQL Server versions 2000, 2005, 2008, 2012. ====================================================================== KB2754849 http://technet.microsoft.com/en-us/security/bulletin/MS12-070 ______________________________________________________________________ Microsoft Security Bulletin MS12-070 - Important Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849) Published Date: October 9, 2012 Version: 1.0 General Information Executive Summary This security update resolves a privately reported vulnerability in Microsoft SQL Server on systems running SQL Server Reporting Services (SSRS). The vulnerability could allow elevation of privilege if a user clicks a specially crafted link in an email message or browses to a webpage that is used to exploit the vulnerability. The XSS Filter in Internet Explorer 8, and Internet Explorer 9, and Internet Explorer 10 prevents this attack for Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 users when browsing to websites in the Internet Zone. The XSS Filter in Internet Explorer 8, Internet Explorer 9, and Internet Explorer 10 is not enabled by default in the Intranet Zone. This security update is rated Important for Microsoft SQL Server 2000 Reporting Services Service Pack 2 and for systems running SQL Server Reporting Services (SSRS) on Microsoft SQL Server 2005 Service Pack 4, Microsoft SQL Server 2008 Service Pack 2, Microsoft SQL Server 2008 Service Pack 3, Microsoft SQL Server 2008 R2 Service Pack 1, and Microsoft SQL Server 2012. For more information, see the subsection, Affected and Non-Affected Software, in this section. Affected Software Microsoft SQL Server 2000 Reporting Services Service Pack 2 Microsoft SQL Server 2005 Express Edition with Advanced Services Service Pack 4 [1] Microsoft SQL Server 2005 for 32-bit Systems Service Pack 4 [1] Microsoft SQL Server 2005 for x64-based Systems Service Pack 4 [1] Microsoft SQL Server 2005 for Itanium-based Systems Service Pack 4 [1] Microsoft SQL Server 2008 for 32-bit Systems Service Pack 2 [1] Microsoft SQL Server 2008 for 32-bit Systems Service Pack 3 [1] Microsoft SQL Server 2008 for x64-based Systems Service Pack 2 [1] Microsoft SQL Server 2008 for x64-based Systems Service Pack 3 [1] Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 2 [1] Microsoft SQL Server 2008 for Itanium-based Systems Service Pack 3 [1] Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 1 [1] Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 1 [1] Microsoft SQL Server 2008 R2 for Itanium-based Systems Service Pack 1 [1] Microsoft SQL Server 2012 for 32-bit Systems [1] Microsoft SQL Server 2012 for x64-based Systems [1] [1]This update is only offered to customers running SQL Server Reporting Services (SSRS). Vulnerability Information Reflected XSS Vulnerability - CVE-2012-2552 A reflected XSS vulnerability exists in SQL Server Report Manager that could allow an attacker to inject a client-side script into the user's instance of Internet Explorer. The script could spoof content, disclose information, or take any action that the user could take on the site on behalf of the targeted user. ====================================================================== ========================================================= Serveur de référence du CERT-Renater https://services.renater.fr/ssi/ ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23 - 25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================