|
|
CVE Reference: CVE-2007-3614 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3614 |
|
|
Description: Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 through 7.5, allow remote attackers to execute arbitrary code via (1) a certain cookie value; (2) a certain additional parameter, related to sapdbwa_GetQueryString; and other unspecified vectors related to "numerous other fields." |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/35277 ST 1018341 SREASON http://securityreason.com/securityalert/2867 SAID Secunia Advisory: SA25954 OSVDB 37838 MISC http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-sap-db-web-server-stack-overflow/ CERT-VN 679041 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/472891/100/0/threaded BID 24773 |
|
| Return to the previous page. |
