CyberSec.Space Logo
CVEブラウザに戻る

CVE-2016-10310

MEDIUM
4.9
CVSS Severity Score
EPSS Score0.1400%
EPSS Percentile42.51th
Published2017年4月10日
Last Modified2026年5月13日

Vulnerability Description

Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and process crash) by sending a crafted packet several times, aka SAP Security Note 2308778.

Affected Platforms (CPE)

📦
Sap

Sql Anywhere

<= 17.0

References & Advisories

🔗 http://www.securityfocus.com/bid/91197
🔗 https://erpscan.io/advisories/erpscan-16-024-sap-sql-anywhere-mobilink-synchronization-server-buffer-overflow/
🔗 http://www.securityfocus.com/bid/91197
🔗 https://erpscan.io/advisories/erpscan-16-024-sap-sql-anywhere-mobilink-synchronization-server-buffer-overflow/

関連する脆弱性情報

CVE-2008-091210.0

Multiple heap-based buffer overflows in mlsrv10.exe in Sybase MobiLink 10.0.1.3629 and earlier, as used by SQL Anywhere Developer ...

CVE-2019-97599.8

An issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_cen...

CVE-2004-23407.5

** UNVERIFIABLE ** SQL injection vulnerability in PunkBuster Screenshot Database (PB-DB) Alpha 6 allows remote attackers to execu...

CVE-2014-92647.5

Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a ...