Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote malicious users to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client encryption-key exchange. The issue results from an integer underflow that leads to a zero-byte allocation. The _srvLnaConnectMP1 function is affected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
actian pervasive psql 12.10 |
||
actian zen 13.0 |