Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Sas_base | Sas | 8.0 (including) | 8.0 (including) |
Sas_base | Sas | 8.1 (including) | 8.1 (including) |
Sas_integration_technologies | Sas | 8.0 (including) | 8.0 (including) |
Sas_integration_technologies | Sas | 8.1 (including) | 8.1 (including) |