SAP Sybase Adaptive Server Enterprise XML Injection Vulnerability

2015年7月21日

Email
Facebook
Twitter
Google+
Linkedin

危険度: : 中

概要

The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference.

トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

対応方法

Trend Micro Deep Security DPI Rule Number: 1005839