PT-2013-6156 · Sap · Sap Sybase Adaptive Server Enterprise

Published

2013-11-23

Updated

2013-11-25

CVE-2013-6865

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SAP Sybase Adaptive Server Enterprise (ASE) versions 15.0.3 before 15.0.3 ESD#4.3 SAP Sybase Adaptive Server Enterprise (ASE) versions 15.5 before 15.5 ESD#5.3 SAP Sybase Adaptive Server Enterprise (ASE) versions 15.7 before 15.7 SP50 or 15.7 SP100

Description The issue allows remote authenticated users to execute arbitrary code via unspecified vectors.

Recommendations For versions 15.0.3 before 15.0.3 ESD#4.3, update to 15.0.3 ESD#4.3 or later. For versions 15.5 before 15.5 ESD#5.3, update to 15.5 ESD#5.3 or later. For versions 15.7 before 15.7 SP50 or 15.7 SP100, update to 15.7 SP50, 15.7 SP100, or later.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2013-6865

Affected Products

Sap Sybase Adaptive Server Enterprise

PT-2013-6156 · Sap · Sap Sybase Adaptive Server Enterprise

CVE-2013-6865

Weakness Enumeration

Related Identifiers

Affected Products

References · 5