PT-2014-4591 · Sas Institute · Sas
Published
2014-02-28
·
Updated
2018-10-09
·
CVE-2014-2262
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
SAS versions 9.2 TS2M3, 9.3 TS1M1, 9.3 TS1M2, and 9.4 TS1M0
Description
A buffer overflow issue exists in the client application, allowing remote attackers to execute arbitrary code via a crafted SAS program.
Recommendations
For SAS version 9.2 TS2M3, update to a version that includes the fix for this issue.
For SAS version 9.3 TS1M1, update to a version that includes the fix for this issue.
For SAS version 9.3 TS1M2, update to a version that includes the fix for this issue.
For SAS version 9.4 TS1M0, update to a version that includes the fix for this issue.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sas