Vulnerability Description
Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKVERIFY function.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sybase | Adaptive Server | 12.0 |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/ntbugtraq/2002-q4/0080.html
- http://archives.neohapsis.com/archives/ntbugtraq/2002-q4/0082.html
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/11/msg00361.html
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/11/msg00364.htmlExploitPatch
- http://www.appsecinc.com/resources/alerts/sybase/02-0001.html
- http://www.appsecinc.com/resources/alerts/sybase/02-0003.html
- http://www.iss.net/security_center/static/10719.php
- http://www.securityfocus.com/bid/6266
- http://www.securityfocus.com/bid/6269
- https://exchange.xforce.ibmcloud.com/vulnerabilities/10721
- http://archives.neohapsis.com/archives/ntbugtraq/2002-q4/0080.html
- http://archives.neohapsis.com/archives/ntbugtraq/2002-q4/0082.html
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/11/msg00361.html
- http://cert.uni-stuttgart.de/archive/bugtraq/2002/11/msg00364.htmlExploitPatch
- http://www.appsecinc.com/resources/alerts/sybase/02-0001.html
FAQ
What is CVE-2002-2250?
CVE-2002-2250 is a vulnerability with a CVSS score of 10.0 (HIGH). Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long da...
How severe is CVE-2002-2250?
CVE-2002-2250 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2002-2250?
Check the references section above for vendor advisories and patch information. Affected products include: Sybase Adaptive Server.