Vulnerabilities > Sybase > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-04-19 | CVE-2006-1829 | Unspecified vulnerability in Sybase Easerver 5.2/5.3 EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, to obtain password credentials of arbitrary users via unspecified vectors involving (1) connection caches, (2) open password prompts, and (3) stored custom connection profiles. | 4.0 |
| 2005-07-19 | CVE-2005-2297 | Local Security vulnerability in EAServer Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter. | 4.6 |
| 2003-12-15 | CVE-2003-0327 | Unspecified vulnerability in Sybase Adaptive Server Enterprise 12.5 Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow. | 5.0 |
| 2002-12-31 | CVE-2002-1861 | Unspecified vulnerability in Sybase Easerver 4.0 Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). | 5.0 |
| 2001-08-02 | CVE-2001-0599 | Buffer Overflow vulnerability in Sybase Adaptive Server Anywhere 6.0.3.2747 Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to port 2638. | 5.0 |
| 2000-04-11 | CVE-1999-0695 | Unspecified vulnerability in Sybase Powerdynamo 3.0.652 The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. | 5.0 |