PT-2014-5337 · Sap · Sap Sybase Esp

Published

2014-05-22

Updated

2014-05-22

CVE-2014-3458

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions SAP Sybase ESP (affected versions not specified)

Description The issue is related to remote code execution vulnerabilities in the SAP Sybase ESP esp parse module. Specifically, the vulnerabilities are associated with the following functions: Connection.getType(), ConnectionType.getXmlDescription(), ConnectionType.getName(), ConnectionType.getParamNames(), and Connection.getErrors(). These vulnerabilities could potentially allow for remote code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2014-3458

ZDI-14-141

ZDI-14-142

ZDI-14-143

ZDI-14-144

ZDI-14-145

Affected Products

Sap Sybase Esp

PT-2014-5337 · Sap · Sap Sybase Esp

CVE-2014-3458

Related Identifiers

Affected Products

References · 5