The host is installed with Microsoft SQL Server 2008, 2008 R2, 2012 or 2014 and is prone to a remote code execution vulnerability. A flaw is present in the application, which incorrectly handles internal function calls to uninitialized memory. Successful exploitation could allow attackers to take complete control of an affected system.