CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-0912

Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID. NOTE: some of these details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.311

EPSS Ranking 96.5%

CVSS Severity

CVSS v2 Score 10.0

References

http://aluigi.altervista.org/adv/mobilinkhof-adv.txt
http://secunia.com/advisories/29045
http://securityreason.com/securityalert/3691
http://www.securityfocus.com/archive/1/488409/100/0/threaded
http://www.securityfocus.com/archive/1/490259/100/0/threaded
http://www.securityfocus.com/bid/27914
http://www.securitytracker.com/id?1019469
http://www.vupen.com/english/advisories/2008/0626
http://aluigi.altervista.org/adv/mobilinkhof-adv.txt
http://secunia.com/advisories/29045
http://securityreason.com/securityalert/3691
http://www.securityfocus.com/archive/1/488409/100/0/threaded
http://www.securityfocus.com/archive/1/490259/100/0/threaded
http://www.securityfocus.com/bid/27914
http://www.securitytracker.com/id?1019469
http://www.vupen.com/english/advisories/2008/0626

Products affected by CVE-2008-0912

Sybase » Mobilink » Version: Any

cpe:2.3:a:sybase:mobilink:*
Sybase » Sql Anywhere » Version: 10.0.1.3415

cpe:2.3:a:sybase:sql_anywhere:10.0.1.3415

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-0912

Products

Pricing

Contact Us