HIGH🇬🇧 English

CVE-2014-9264

CVSS 7.5v2.0pub. 2014-12-11upd. 2026-05-06

Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a crafted column alias.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Sap Sql Anywhere

    APP
    Sap
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEMemory
CWE
Referencje

Powiązane podatności

CVE-2022-35299CRITICAL9.8ten sam produkt

SAP SQL Anywhere - version 17.0, and SAP IQ - version 16.1, allows an attacker to leverage logical errors in m...

CVE-2023-33990HIGH7.8ten sam produkt

SAP SQL Anywhere - version 17.0, allows an attacker to prevent legitimate users from accessing the service by ...

CVE-2022-41259MEDIUM6.5ten sam produkt

SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a...

CVE-2022-27670MEDIUM6.5ten sam produkt

SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a...

CVE-2019-0381MEDIUM5.5ten sam produkt

A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP Dynamic Tier,...