Unrated severityNVD Advisory· Published Jul 19, 2005· Updated Apr 16, 2026

CVE-2005-2297

Description

Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter.

Affected products

Sybase/Easerver4 versions
cpe:2.3:a:sybase:easerver:4.2.5:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:sybase:easerver:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:sybase:easerver:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sybase:easerver:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:sybase:easerver:5.2:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.spidynamics.com/spilabs/advisories/sybaseEAserverOverflow.htmnvdPatchVendor Advisory
www.sybase.com/detailnvdPatchVendor Advisory
marc.infonvd
secunia.com/advisories/16108nvd
securitytracker.com/idnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.057
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000