GCVE - cpe:2.3:a:sybase:easerver:5.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:sybase:easerver:5.0:*:*:*:*:*:*:*

part: a version: 5.0 update: *

Vendor	Sybase (`fd5456a1-48f2-5560-bcfd-28feee5f84a9`)
Product	Easerver (`1b26e048-3e43-5eb6-83b1-5bcd5e06df53`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-4340`	vulnerable	2026-06-03 14:32:18.433492	Details available Cross-site scripting (XSS) vulnerability in Sybase EAServer before 6.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: 2012-08-15T21:00:00.000Z Updated: 2024-09-17T02:11:26.658Z Open on db.gcve.eu Reference links http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-000047.html http://jvn.jp/en/jp/JVN47662377/index.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-0497`	vulnerable	2026-06-03 14:30:49.506687	Details available Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot dot forward-slash backslash) sequences in a crafted request. Published: 2011-01-20T18:00:00.000Z Updated: 2024-08-06T21:58:24.552Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/64695 http://secunia.com/advisories/42904 http://www.sybase.com/detail?id=1091057 http://www.securityfocus.com/bid/45809 http://osvdb.org/70427	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-0496`	vulnerable	2026-06-03 14:30:49.491002	Details available Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability." Published: 2011-01-20T18:00:00.000Z Updated: 2024-08-06T21:58:24.444Z Open on db.gcve.eu Reference links http://secunia.com/advisories/42904 http://osvdb.org/70428 https://exchange.xforce.ibmcloud.com/vulnerabilities/64697 http://www.sybase.com/detail?id=1091057 http://www.securityfocus.com/bid/45809	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2539`	vulnerable	2026-06-03 14:27:32.580279	Details available Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText function in javax.swing.JPasswordField component. Published: 2006-05-22T23:00:00.000Z Updated: 2024-08-07T17:51:04.618Z Open on db.gcve.eu Reference links http://secunia.com/advisories/20145 https://exchange.xforce.ibmcloud.com/vulnerabilities/26567 http://www.vupen.com/english/advisories/2006/1869 http://www.sybase.com/detail?id=1040665 http://www.securityfocus.com/bid/18036	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-2297`	vulnerable	2026-06-03 14:27:01.588744	Details available Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter. Published: 2005-07-19T04:00:00.000Z Updated: 2024-08-07T22:22:48.945Z Open on db.gcve.eu Reference links http://www.sybase.com/detail?id=1036742 http://securitytracker.com/id?1014497 http://secunia.com/advisories/16108 http://marc.info/?l=bugtraq&m=112146180532313&w=2 http://www.spidynamics.com/spilabs/advisories/sybaseEAserverOverflow.htm	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.