CVSS: 4.6EPSS: 96%CPEs: 4EXPL: 1CVE-2005-2297 – Sybase EAServer 5.2 - Remote Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-2297
Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter. Desbordamiento de búfer en TreeAction.do en Sybase EAServer 4.2.5 hasta la 5.2 permite que usuarios autentificados remotamente ejecute código arbitrario mediante un parámtro grande javascript. • https://www.exploit-db.com/exploits/16766 http://marc.info/?l=bugtraq&m=112146180532313&w=2 http://secunia.com/advisories/16108 http://securitytracker.com/id?1014497 http://www.spidynamics.com/spilabs/advisories/sybaseEAserverOverflow.htm http://www.sybase.com/detail?id=1036742 •
CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0CVE-2002-1861
https://notcve.org/view.php?id=CVE-2002-1861
Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF."). • http://online.securityfocus.com/archive/1/279582 http://www.iss.net/security_center/static/9446.php http://www.securityfocus.com/bid/5119 http://www.westpoint.ltd.uk/advisories/wp-02-0002.txt •