cvelistv5 - cve-2012-4341

Source	URL	Tags
cve@mitre.org	http://scn.sap.com/docs/DOC-8218
cve@mitre.org	http://secunia.com/advisories/49744	Vendor Advisory
cve@mitre.org	http://www.securitytracker.com/id?1027211
cve@mitre.org	http://www.zerodayinitiative.com/advisories/ZDI-12-104/
cve@mitre.org	http://www.zerodayinitiative.com/advisories/ZDI-12-111/
cve@mitre.org	http://www.zerodayinitiative.com/advisories/ZDI-12-112/
cve@mitre.org	https://service.sap.com/sap/support/notes/1649838
cve@mitre.org	https://websmp230.sap-ag.de/sap%28bD1lbiZjPTAwMQ==%29/bc/bsp/spn/sapnotes/index2.htm?numm=1649840

Vendor	Product
n/a	n/a

var-201208-0222

Vulnerability from variot

Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Netweaver ABAP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msg_server.exe listening on 3900 by default. When the msg_server parses a message with opcode 0x43 and sub-opcode 0x04 it uses a user suplied size field to copy a string into a static sized stack buffer. The resulting buffer overflow can lead to remote code execution under the context of the process. Authentication is not required to exploit this vulnerability.The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. SAP NetWeaver has a defect in the message with the opcode 0x43. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Msg_server.exe listens to port 3900 by default. Arbitrary code. NetWeaver ABAP is prone to a denial-of-service vulnerability

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201208-0222",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "netweaver",
        "scope": null,
        "trust": 2.1,
        "vendor": "sap",
        "version": null
      },
      {
        "model": "netweaver abap",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sap",
        "version": "7.02"
      },
      {
        "model": "netweaver abap",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sap",
        "version": "7.0"
      },
      {
        "model": "netweaver abap",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sap",
        "version": "7.03"
      },
      {
        "model": "netweaver abap",
        "scope": null,
        "trust": 1.2,
        "vendor": "sap",
        "version": null
      },
      {
        "model": "netweaver abap",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sap",
        "version": "7.x"
      },
      {
        "model": "netweaver abap null",
        "scope": "eq",
        "trust": 0.4,
        "vendor": "sap",
        "version": "*"
      },
      {
        "model": "netweaver abap sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.03"
      },
      {
        "model": "netweaver abap sp6",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.02"
      },
      {
        "model": "netweaver abap sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "29348194-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      },
      {
        "db": "BID",
        "id": "78143"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4341"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sap:netweaver_abap:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:netweaver_abap:7.02:sp6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:netweaver_abap:7.03:sp4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-4341"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "e6af8de8b1d4b2b6d5ba2610cbf9cd38",
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-539"
      }
    ],
    "trust": 2.7
  },
  "cve": "CVE-2012-4341",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2012-4341",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "ZDI-12-112",
            "impactScore": 8.5,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "ZDI-12-111",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "ZDI",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "ZDI-12-104",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "HIGH",
            "trust": 0.7,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": null,
            "accessVector": null,
            "authentication": null,
            "author": "IVD",
            "availabilityImpact": null,
            "baseScore": null,
            "confidentialityImpact": null,
            "exploitabilityScore": null,
            "id": "29348194-1f62-11e6-abef-000c29c66e3d",
            "impactScore": null,
            "integrityImpact": null,
            "severity": null,
            "trust": 0.2,
            "vectorString": null,
            "version": "unknown"
          },
          {
            "accessComplexity": null,
            "accessVector": null,
            "authentication": null,
            "author": "IVD",
            "availabilityImpact": null,
            "baseScore": null,
            "confidentialityImpact": null,
            "exploitabilityScore": null,
            "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d",
            "impactScore": null,
            "integrityImpact": null,
            "severity": null,
            "trust": 0.2,
            "vectorString": null,
            "version": "unknown"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-4341",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "ZDI",
            "id": "ZDI-12-112",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "ZDI",
            "id": "ZDI-12-111",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "ZDI",
            "id": "ZDI-12-104",
            "trust": 0.7,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201208-264",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "29348194-1f62-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2012-4341",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "29348194-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-4341"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4341"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Netweaver ABAP. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msg_server.exe listening on 3900 by default. When the msg_server parses a message with opcode 0x43 and sub-opcode 0x04 it uses a user suplied size field to copy a string into a static sized stack buffer. The resulting buffer overflow can lead to remote code execution under the context of the process. Authentication is not required to exploit this vulnerability.The specific flaw exists within the way SAP NetWeaver handles packages with opcode 0x43. SAP NetWeaver has a defect in the message with the opcode 0x43. SAP NetWeaver is the technical foundation for SAP Business Suite solutions, SAP xApps composite applications, partner solutions, and custom applications. Msg_server.exe listens to port 3900 by default. Arbitrary code. NetWeaver ABAP is prone to a denial-of-service vulnerability",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-4341"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      },
      {
        "db": "BID",
        "id": "78143"
      },
      {
        "db": "IVD",
        "id": "29348194-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-4341"
      }
    ],
    "trust": 5.31
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-4341",
        "trust": 2.8
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-112",
        "trust": 2.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-111",
        "trust": 2.7
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-104",
        "trust": 2.7
      },
      {
        "db": "SECTRACK",
        "id": "1027211",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "49744",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "54229",
        "trust": 1.2
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3433",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003710",
        "trust": 0.8
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-1396",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-1394",
        "trust": 0.7
      },
      {
        "db": "ZDI_CAN",
        "id": "ZDI-CAN-1395",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "54231",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-264",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-539",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "78143",
        "trust": 0.4
      },
      {
        "db": "IVD",
        "id": "29348194-1F62-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "29FDB3DE-1F62-11E6-ABEF-000C29C66E3D",
        "trust": 0.2
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-4341",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "29348194-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-4341"
      },
      {
        "db": "BID",
        "id": "78143"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-539"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4341"
      }
    ]
  },
  "id": "VAR-201208-0222",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "29348194-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      }
    ],
    "trust": 1.87111164
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 1.6
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "29348194-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      }
    ]
  },
  "last_update_date": "2024-07-23T22:37:43.393000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SAP has issued an update to correct this vulnerability.",
        "trust": 1.4,
        "url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
      },
      {
        "title": "Acknowledgments to Security Researchers",
        "trust": 0.8,
        "url": "http://scn.sap.com/docs/doc-8218"
      },
      {
        "title": "SAP NetWeaver",
        "trust": 0.8,
        "url": "http://www.sap.com/platform/netweaver/businessbenefits/customdevelopment.epx"
      },
      {
        "title": "SAP has issued an update to correct this vulnerability.",
        "trust": 0.7,
        "url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649838"
      },
      {
        "title": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 parameter name patch for remote code execution vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/18435"
      },
      {
        "title": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 patch for buffer overflow vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/18434"
      },
      {
        "title": "SAP NetWeaver ABAP Fixes for multiple stack-based buffer errors",
        "trust": 0.6,
        "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=209631"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2012-4341 "
      },
      {
        "title": "cve-search",
        "trust": 0.1,
        "url": "https://github.com/r3p3r/cve-search "
      },
      {
        "title": "cve-search-src",
        "trust": 0.1,
        "url": "https://github.com/extremenetworks/cve-search-src "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/zien-tf/z_iot_cve-search-api "
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/pgurudatta/cve-search "
      },
      {
        "title": "cve-search",
        "trust": 0.1,
        "url": "https://github.com/cve-search/cve-search "
      },
      {
        "title": "cve-search",
        "trust": 0.1,
        "url": "https://github.com/dim0niu/cve-search "
      },
      {
        "title": "cve-search",
        "trust": 0.1,
        "url": "https://github.com/swastik99/cve-search-master "
      },
      {
        "title": "cve",
        "trust": 0.1,
        "url": "https://github.com/zwei2008/cve "
      },
      {
        "title": "cve-search",
        "trust": 0.1,
        "url": "https://github.com/miradam/cve-search "
      },
      {
        "title": "modified_cve-search",
        "trust": 0.1,
        "url": "https://github.com/hr-cert/modified_cve-search "
      },
      {
        "title": "cve-search",
        "trust": 0.1,
        "url": "https://github.com/swastik99/cve-search "
      },
      {
        "title": "cve-search-ng",
        "trust": 0.1,
        "url": "https://github.com/cve-search/cve-search-ng "
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-4341"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4341"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
      },
      {
        "trust": 2.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-12-111/"
      },
      {
        "trust": 2.0,
        "url": "https://service.sap.com/sap/support/notes/1649838"
      },
      {
        "trust": 2.0,
        "url": "http://www.securitytracker.com/id?1027211"
      },
      {
        "trust": 2.0,
        "url": "http://scn.sap.com/docs/doc-8218"
      },
      {
        "trust": 2.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-12-104/"
      },
      {
        "trust": 2.0,
        "url": "http://www.zerodayinitiative.com/advisories/zdi-12-112/"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/49744"
      },
      {
        "trust": 1.3,
        "url": "https://websmp230.sap-ag.de/sap%28bd1lbizjptawmq==%29/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4341"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4341"
      },
      {
        "trust": 0.7,
        "url": "https://websmp230.sap-ag.de/sap(bd1lbizjptawmq==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649838"
      },
      {
        "trust": 0.6,
        "url": "http://seclists.org/bugtraq/2012/jun/186"
      },
      {
        "trust": 0.6,
        "url": "http://seclists.org/bugtraq/2012/jun/185"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/54229"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2012-4341"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.securityfocus.com/bid/78143"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/cve-search/cve-search"
      }
    ],
    "sources": [
      {
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-4341"
      },
      {
        "db": "BID",
        "id": "78143"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-539"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4341"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "29348194-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "IVD",
        "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      },
      {
        "db": "VULMON",
        "id": "CVE-2012-4341"
      },
      {
        "db": "BID",
        "id": "78143"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-539"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4341"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-07-02T00:00:00",
        "db": "IVD",
        "id": "29348194-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-07-02T00:00:00",
        "db": "IVD",
        "id": "29fdb3de-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "date": "2012-06-28T00:00:00",
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "date": "2012-06-28T00:00:00",
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "date": "2012-06-27T00:00:00",
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "date": "2012-07-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "date": "2012-07-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      },
      {
        "date": "2012-08-15T00:00:00",
        "db": "VULMON",
        "id": "CVE-2012-4341"
      },
      {
        "date": "2012-08-15T00:00:00",
        "db": "BID",
        "id": "78143"
      },
      {
        "date": "2012-08-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "date": "2012-08-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      },
      {
        "date": "2012-06-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-539"
      },
      {
        "date": "2012-08-15T21:55:05.353000",
        "db": "NVD",
        "id": "CVE-2012-4341"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-06-28T00:00:00",
        "db": "ZDI",
        "id": "ZDI-12-112"
      },
      {
        "date": "2012-06-28T00:00:00",
        "db": "ZDI",
        "id": "ZDI-12-111"
      },
      {
        "date": "2012-06-27T00:00:00",
        "db": "ZDI",
        "id": "ZDI-12-104"
      },
      {
        "date": "2012-07-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      },
      {
        "date": "2012-07-02T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-3433"
      },
      {
        "date": "2022-10-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2012-4341"
      },
      {
        "date": "2012-08-15T00:00:00",
        "db": "BID",
        "id": "78143"
      },
      {
        "date": "2012-08-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-003710"
      },
      {
        "date": "2022-10-08T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      },
      {
        "date": "2012-07-02T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201206-539"
      },
      {
        "date": "2023-11-07T02:11:50.587000",
        "db": "NVD",
        "id": "CVE-2012-4341"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201206-539"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SAP Netweaver ABAP \u0027msg_server.exe\u0027 Parameter name remote code execution vulnerability",
    "sources": [
      {
        "db": "IVD",
        "id": "29348194-1f62-11e6-abef-000c29c66e3d"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-3434"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201208-264"
      }
    ],
    "trust": 0.6
  }
}

ghsa-xq6g-x53r-cw4c

Vulnerability from github

Published

2022-05-14 03:07

Modified

2022-05-14 03:07

Details

Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-4341"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-08-15T21:55:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.",
  "id": "GHSA-xq6g-x53r-cw4c",
  "modified": "2022-05-14T03:07:56Z",
  "published": "2022-05-14T03:07:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4341"
    },
    {
      "type": "WEB",
      "url": "https://service.sap.com/sap/support/notes/1649838"
    },
    {
      "type": "WEB",
      "url": "https://websmp230.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
    },
    {
      "type": "WEB",
      "url": "http://scn.sap.com/docs/DOC-8218"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/49744"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1027211"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-104"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-111"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-112"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2012-4341

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.

Aliases

CVE-2012-4341

Aliases

CVE-2012-4341

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-4341",
    "description": "Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.",
    "id": "GSD-2012-4341"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-4341"
      ],
      "details": "Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.",
      "id": "GSD-2012-4341",
      "modified": "2023-12-13T01:20:14.608514Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2012-4341",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://service.sap.com/sap/support/notes/1649838",
            "refsource": "MISC",
            "url": "https://service.sap.com/sap/support/notes/1649838"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-12-112/",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-112/"
          },
          {
            "name": "49744",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/49744"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-12-104/",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-104/"
          },
          {
            "name": "http://scn.sap.com/docs/DOC-8218",
            "refsource": "CONFIRM",
            "url": "http://scn.sap.com/docs/DOC-8218"
          },
          {
            "name": "https://websmp230.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840",
            "refsource": "MISC",
            "url": "https://websmp230.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
          },
          {
            "name": "1027211",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1027211"
          },
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-12-111/",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-111/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sap:netweaver_abap:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:netweaver_abap:7.02:sp6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:netweaver_abap:7.03:sp4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-4341"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "49744",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/49744"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-12-111/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-111/"
            },
            {
              "name": "https://service.sap.com/sap/support/notes/1649838",
              "refsource": "MISC",
              "tags": [],
              "url": "https://service.sap.com/sap/support/notes/1649838"
            },
            {
              "name": "1027211",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1027211"
            },
            {
              "name": "http://scn.sap.com/docs/DOC-8218",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://scn.sap.com/docs/DOC-8218"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-12-104/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-104/"
            },
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-12-112/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-12-112/"
            },
            {
              "name": "https://websmp230.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840",
              "refsource": "MISC",
              "tags": [],
              "url": "https://websmp230.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2022-10-06T15:20Z",
      "publishedDate": "2012-08-15T21:55Z"
    }
  }
}

Action not permitted

cve-2012-4341

Vulnerability from cvelistv5

var-201208-0222

Vulnerability from variot

ghsa-xq6g-x53r-cw4c

Vulnerability from github

gsd-2012-4341

Vulnerability from gsd

Tags