Vulnerabilities > CVE-2002-0219 - Unspecified vulnerability in SAS Base and SAS Integration Technologies
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0032.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0032.html
- http://online.securityfocus.com/archive/1/252847
- http://online.securityfocus.com/archive/1/252847
- http://online.securityfocus.com/archive/1/252891
- http://online.securityfocus.com/archive/1/252891
- http://www.iss.net/security_center/static/8017.php
- http://www.iss.net/security_center/static/8017.php
- http://www.sas.com/service/techsup/unotes/SN/004/004201.html
- http://www.sas.com/service/techsup/unotes/SN/004/004201.html
- http://www.securityfocus.com/bid/3979
- http://www.securityfocus.com/bid/3979