CVE-2014-9264 | HackTesting

Stack-based buffer overflow in the .NET Data Provider in SAP SQL Anywhere allows remote attackers to execute arbitrary code via a crafted column alias.

References

http://www.zerodayinitiative.com/advisories/ZDI-14-413/

http://www.zerodayinitiative.com/advisories/ZDI-14-412/

http://www.zerodayinitiative.com/advisories/ZDI-14-414/

http://www.zerodayinitiative.com/advisories/ZDI-14-415/