Network World

Microsoft plugs privilege elevation flaw in SQL server

Microsoft’s SQL Server 7.0 and 2000 software contain a critical flaw that allows low privilege users to elevate their privilege level and make changes to tasks created by other users, the company said ...

Ivanti EPM: Security flaws allow SQL injection, privilege escalation

Ivanti warns of three security vulnerabilities in Endpoint Manager (EPM). They allow SQL injection or privilege escalation.