VYPR
Critical severity9.8NVD Advisory· Published Jul 31, 2017· Updated Jun 17, 2026

CVE-2017-11757

CVE-2017-11757

Description

Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client encryption-key exchange. The issue results from an integer underflow that leads to a zero-byte allocation. The _srvLnaConnectMP1 function is affected.

Affected products

4
  • cpe:2.3:a:actian:pervasive_psql:12.10:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:actian:pervasive_psql:12.10:*:*:*:*:*:*:*
    • (no CPE)range: v12.10
  • Actian/Zen2 versions
    cpe:2.3:a:actian:zen:13.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:actian:zen:13.0:*:*:*:*:*:*:*
    • (no CPE)range: v13

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.