ghsa-xq6g-x53r-cw4c
Vulnerability from github
Published
2022-05-14 03:07
Modified
2022-05-14 03:07
Details
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.
{
"affected": [],
"aliases": [
"CVE-2012-4341"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-08-15T21:55:00Z",
"severity": "HIGH"
},
"details": "Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.",
"id": "GHSA-xq6g-x53r-cw4c",
"modified": "2022-05-14T03:07:56Z",
"published": "2022-05-14T03:07:56Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4341"
},
{
"type": "WEB",
"url": "https://service.sap.com/sap/support/notes/1649838"
},
{
"type": "WEB",
"url": "https://websmp230.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840"
},
{
"type": "WEB",
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/49744"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1027211"
},
{
"type": "WEB",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-12-104"
},
{
"type": "WEB",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-12-111"
},
{
"type": "WEB",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-12-112"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading...