Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or (4) a crafted query plan, or remote authenticated users with database owner or "sa" role privileges to execute arbitrary code via (5) a crafted install java statement.
Software | From | Fixed in |
---|---|---|
sybase / adaptive_server_enterprise | 11.03.3 | 11.03.3.x |
sybase / adaptive_server_enterprise | 11.5 | 11.5.x |
sybase / adaptive_server_enterprise | 11.5.1 | 11.5.1.x |
sybase / adaptive_server_enterprise | 11.9.2 | 11.9.2.x |
sybase / adaptive_server_enterprise | 12.0 | 12.0.x |
sybase / adaptive_server_enterprise | 12.0.1 | 12.0.1.x |
sybase / adaptive_server_enterprise | 12.5 | 12.5.x |
sybase / adaptive_server_enterprise | 12.5.2 | 12.5.2.x |
sybase / adaptive_server_enterprise | 12.5.3 | 12.5.3.x |