Lucene search
HistoryDec 11, 2014 - 3:59 p.m.
CVE-2014-9264
cve
2014
9264
buffer overflow
sap
.net data provider
sql anywhere
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.926 High
EPSS
Percentile
99.0%
Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a crafted column alias.
Affected configurations
Node
sapsql_anywhere
| CPE | Name | Operator | Version |
|---|---|---|---|
| sap:sql_anywhere | sap sql anywhere | eq | * |
Related
zdt
zdt
SAP SQL Anywhere .NET Data Provider Code Execution Vulnerabilities
2014-12-10 00:00:00
zdi
zdi
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2014-9264
2014-12-11 15:00:00
nvd
nvd
CVE-2014-9264
2014-12-11 15:59:05
prion
prion
Stack overflow
2014-12-11 15:59:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8.4 High
AI Score
Confidence
Low
0.926 High
EPSS
Percentile
99.0%
Related for CVE-2014-9264