CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0912

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1400%
EPSS Percentile0.68th
PublishedFeb 22, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer Edition 10.0.1.3415 and probably other products, allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long (1) username, (2) version, or (3) remote ID. NOTE: some of these details are obtained from third party information.

Affected Platforms (CPE)

πŸ“¦
Sybase

Mobilink

<= 10.0.1.3629
πŸ“¦
Sybase

Sql Anywhere

= 10.0.1.3415

References & Advisories

πŸ”— http://aluigi.altervista.org/adv/mobilinkhof-adv.txt
πŸ”— http://secunia.com/advisories/29045
πŸ”— http://securityreason.com/securityalert/3691
πŸ”— http://www.securityfocus.com/archive/1/488409/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/490259/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/27914
πŸ”— http://www.securitytracker.com/id?1019469
πŸ”— http://www.vupen.com/english/advisories/2008/0626

Related Vulnerabilities

CVE-2016-103104.9

Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authent...

CVE-2008-524410.0

Unspecified vulnerability in xine-lib before 1.1.15 has unknown impact and attack vectors related to libfaad. NOTE: due to the la...

CVE-2008-292810.0

Multiple buffer overflows in the adminutil library in CGI applications in Red Hat Directory Server 7.1 before SP7 allow remote att...

CVE-2008-000310.0

Stack-based buffer overflow in the PAMBasicAuthenticator::PAMCallback function in OpenPegasus CIM management server (tog-pegasus),...