remote code execution vulnerabilities



Enterprise software and services company Sybase has again patched holes in its Adaptive Server Enterprise (ASE) product, fixing a handful of database vulnerabilities that could have allowed a hacker to execute code and bypass security parameters on the company’s main database server product.

Patches released this week by database and mobile management vendor Sybase did not completely repair serious privilege escalation and remote code execution vulnerabilities in versions 15.0.3 and later of its Adaptive Server Enterprise (ASE) product.Researchers at Application Security Inc., which specializes in database security, reported a dozen vulnerabilities to the SAP company in July. AppSec also sent along proof-of-concept exploit code with details of the vulnerabilities.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.