Back to search
CVE-2005-0441
Published: Feb 15, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or (4) a crafted query plan, or remote authenticated users with database owner or "sa" role privileges to execute arbitrary code via (5) a crafted install java statement.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
sybase-ase-convert-bo(19976)
vdb-entry
x_refsource_XF
sybase-ase-install-java-bo(19980)
vdb-entry
x_refsource_XF
http://www.ngssoftware.com/advisories/sybase-ase.txt
x_refsource_MISC
sybase-adaptive-server(19354)
vdb-entry
x_refsource_XF
20050321 Details of Sybase ASE bugs withheld
mailing-list
x_refsource_BUGTRAQ
20050405 Sybase ASE Multiple Security Issues (#NISR05042005)
mailing-list
x_refsource_BUGTRAQ
sybase-ase-abstract-bo(19979)
vdb-entry
x_refsource_XF
http://www.sybase.com/detail/1%2C6904%2C1033894%2C00.html
x_refsource_CONFIRM
13632
third-party-advisory
x_refsource_SECUNIA
http://www.sybase.com/detail?id=1034520
x_refsource_CONFIRM
http://www.sybase.com/detail?id=1034752
x_refsource_CONFIRM
12080
vdb-entry
x_refsource_BID
sybase-ase-declare-bo(19978)
vdb-entry
x_refsource_XF
sybase-ase-attribvalid-bo(19974)
vdb-entry
x_refsource_XF
20041222 Sybase ASE 12.5.2 vulnerabilities
mailing-list
x_refsource_BUGTRAQ
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now