CVE-2017-11757

Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client encryption-key exchange. The issue results from an integer underflow that leads to a zero-byte allocation. The _srvLnaConnectMP1 function is affected.
Configurations

Configuration 1 (hide)

cpe:2.3:a:actian:pervasive_psql:12.10:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:actian:zen:13.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-07-31 14:29

Updated : 2024-02-04 19:29


NVD link : CVE-2017-11757

Mitre link : CVE-2017-11757

CVE.ORG link : CVE-2017-11757


JSON object : View

Products Affected

actian

  • pervasive_psql
  • zen
CWE
CWE-191

Integer Underflow (Wrap or Wraparound)