Vulnerabilities > Sybase > Adaptive Server Enterprise

DATE CVE VULNERABILITY TITLE RISK
2013-11-23 CVE-2013-6864 Path Traversal vulnerability in Sybase Adaptive Server Enterprise 15.0.3/15.5/15.7
Directory traversal vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to affect confidentiality, integrity, and availability via unspecified vectors.
network
high complexity
sybase CWE-22
6.1
6.1
2013-11-23 CVE-2013-6863 Permissions, Privileges, and Access Controls vulnerability in Sybase Adaptive Server Enterprise 15.0.3/15.5/15.7
SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to gain privileges via unspecified vectors.
network
low complexity
sybase CWE-264
critical
 9.0
9.0
2013-11-23 CVE-2013-6862 Unspecified vulnerability in Sybase Adaptive Server Enterprise 15.0.3/15.5/15.7
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a denial of service via unspecified vectors.
network
low complexity
sybase
7.8
7.8
2013-11-23 CVE-2013-6861 Unspecified vulnerability in Sybase Adaptive Server Enterprise 15.0.3/15.5/15.7
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors.
local
low complexity
sybase
4.9
4.9
2013-11-23 CVE-2013-6860 Unspecified vulnerability in Sybase Adaptive Server Enterprise 15.0.3/15.5/15.7
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to obtain sensitive information via unspecified vectors.
network
low complexity
sybase
6.8
6.8
2013-11-23 CVE-2013-6859 Improper Authentication vulnerability in Sybase Adaptive Server Enterprise 15.0.3/15.5/15.7
SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3.
network
sybase CWE-287
8.5
8.5
2013-10-24 CVE-2013-6245 Remote Code Execution vulnerability in SAP Sybase Adaptive Server Enterprise
Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3.
network
low complexity
sybase
critical
 10.0
10
2013-10-19 CVE-2013-6025 Code Injection vulnerability in Sybase Adaptive Server Enterprise 15.7
The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
network
low complexity
sybase CWE-94
4.0
4.0
2003-12-15 CVE-2003-0327 Unspecified vulnerability in Sybase Adaptive Server Enterprise 12.5
Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow.
network
low complexity
sybase
5.0
5.0