CyberSec.Space Logo
Back to CVE Browser

CVE-2016-10310

MEDIUM
4.9
CVSS Severity Score
EPSS Score0.1400%
EPSS Percentile42.51th
PublishedApr 10, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 2308778.

Affected Platforms (CPE)

πŸ“¦
Sap

Sql Anywhere

<= 17.0

References & Advisories

πŸ”— http://www.securityfocus.com/bid/91197
πŸ”— https://erpscan.io/advisories/erpscan-16-024-sap-sql-anywhere-mobilink-synchronization-server-buffer-overflow/
πŸ”— http://www.securityfocus.com/bid/91197
πŸ”— https://erpscan.io/advisories/erpscan-16-024-sap-sql-anywhere-mobilink-synchronization-server-buffer-overflow/

Related Vulnerabilities

CVE-2008-091210.0

Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer ...

CVE-2019-97599.8

An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_cen...

CVE-2004-23407.5

** UNVERIFIABLE ** SQL injection vulnerability in PunkBuster Screenshot Database (PB-DB) Alpha 6 allows remote attackers to execu...

CVE-2014-92647.5

Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a ...