CVE-2014-2262

Base SAS 9.2 TS2M3, 9.3 TS1M1-TS1M2, 9.4 TS1M0 - Buffer Overflow via Crafted SAS Program

Title source: llm
STIX 2.1

Description

Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9.3 TS1M1 and TS1M2, and SAS 9.4 TS1M0 allows user-assisted remote attackers to execute arbitrary code via a crafted SAS program.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/531283/100/0/threaded
Vendor Advisory x_refsource_confirm
http://support.sas.com/kb/51/701.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/65853
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/57029

Scores

EPSS 0.0431
EPSS Percentile 90.0%

Details

CWE
CWE-119
Status published
Products (3)
sas/base_sas 9.2 ts2m
sas/base_sas 9.3 ts1m1 (2 CPE variants)
sas/base_sas 9.4 ts1m0
Published Mar 01, 2014
Tracked Since Feb 18, 2026