VULHUB ™

Adaptive Server Anywhere has been reported prone to a format string vulnerability in the extended stored procedure XP_SPRINTF. It has been reported that this vulnerability may be exploited by an authenticated user who has sufficient privileges to pass data to the XP_SPRINTF procedure. An attacker may exploit this vulnerability to escalate privileges to the 'dba' user within the database, or to escalate privileges to the user the Adaptive Server Anywhere process is running as.

Adaptive Server Anywhere has been reported prone to a format string vulnerability in the extended stored procedure XP_SPRINTF. It has been reported that this vulnerability may be exploited by an authenticated user who has sufficient privileges to pass data to the XP_SPRINTF procedure. An attacker may exploit this vulnerability to escalate privileges to the 'dba' user within the database, or to escalate privileges to the user the Adaptive Server Anywhere process is running as.