Vulnerability Name: | CVE-2005-2297 (CCN-21419) | ||||||||
Assigned: | 2005-07-16 | ||||||||
Published: | 2005-07-16 | ||||||||
Updated: | 2016-10-18 | ||||||||
Summary: | Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter. | ||||||||
CVSS v3 Severity: | 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
CVSS v2 Severity: | 4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: CCN Type: BugTraq Mailing List, 2005-06-11 17:03:50 Stack-Based Buffer Overflow in Sybase EAServer 4.2.5 to 5.2 Source: MITRE Type: CNA CVE-2005-2297 Source: BUGTRAQ Type: UNKNOWN 20050715 Stack-Based Buffer Overflow in Sybase EAServer 4.2.5 to 5.2 Source: CCN Type: SA16108 Sybase EAServer WebConsole Buffer Overflows Source: SECUNIA Type: UNKNOWN 16108 Source: CCN Type: SECTRACK ID: 1014497 Sybase EAServer Buffer Overflow in `TreeAction.do` Lets Remote Authenticated Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1014497 Source: CCN Type: OSVDB ID: 17995 Sybase EAServer WebConsole TreeAction.do Parameter Remote Overflow Source: CCN Type: OSVDB ID: 17996 Sybase EAServer WebConsole jagadmin Default Account Source: CCN Type: BID-14287 Sybase EAServer Remote Buffer Overflow Vulnerability Source: MISC Type: Patch, Vendor Advisory http://www.spidynamics.com/spilabs/advisories/sybaseEAserverOverflow.htm Source: CCN Type: Sybase EAServer Security Issue Document Web page Urgent from Sybase: Security Issue in EAServer 5.2 and Earlier Source: CONFIRM Type: Patch, Vendor Advisory http://www.sybase.com/detail?id=1036742 Source: CCN Type: Sybase EAServer Web page Sybase EAServer Source: XF Type: UNKNOWN easerver-treeaction-bo(21419) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||
BACK |