Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a crafted column alias.
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:PSap Sql Anywhere
APPSapwszystkie wersje
π΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References
Related vulnerabilities
CVE-2022-35299CRITICAL9.8ten sam produkt
SAP SQL Anywhere - version 17.0, and SAP IQ - version 16.1, allows an attacker to leverage logical errors in m...
CVE-2023-33990HIGH7.8ten sam produkt
SAP SQL AnywhereΒ - version 17.0, allows an attacker to prevent legitimate users from accessing the service by ...
CVE-2022-41259MEDIUM6.5ten sam produkt
SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a...
CVE-2022-27670MEDIUM6.5ten sam produkt
SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a...
CVE-2019-0381MEDIUM5.5ten sam produkt
A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP Dynamic Tier,...