Vulnerabilities > SAS > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-03-01 | CVE-2014-2262 | Buffer Errors vulnerability in SAS Base SAS 9.2/9.3/9.4 Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9.3 TS1M1 and TS1M2, and SAS 9.4 TS1M0 allows user-assisted remote attackers to execute arbitrary code via a crafted SAS program. | 9.3 |
| 2002-12-31 | CVE-2002-2017 | Local Root Code Execution vulnerability in SAS SASTCPD sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd. | 10.0 |