Vulnerability Details : CVE-2012-4341
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.
Vulnerability category: OverflowExecute codeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2012-4341
Probability of exploitation activity in the next 30 days: 5.67%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 93 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-4341
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2012-4341
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-4341
-
http://www.zerodayinitiative.com/advisories/ZDI-12-104/
ZDI-12-104 | Zero Day Initiative
-
http://www.zerodayinitiative.com/advisories/ZDI-12-111/
ZDI-12-111 | Zero Day Initiative
-
http://scn.sap.com/docs/DOC-8218
Acknowledgments to Security Researchers - Security and Identity Management - SCN Wiki
-
https://service.sap.com/sap/support/notes/1649838
-
http://www.zerodayinitiative.com/advisories/ZDI-12-112/
ZDI-12-112 | Zero Day Initiative
-
http://www.securitytracker.com/id?1027211
SAP NetWeaver ABAP Flaw in 'msg_server.exe' Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
https://websmp230.sap-ag.de/sap(bD1lbiZjPTAwMQ==)/bc/bsp/spn/sapnotes/index2.htm?numm=1649840
Products affected by CVE-2012-4341
- cpe:2.3:a:sap:netweaver_abap:7.03:sp4:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_abap:7.02:sp6:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_abap:7.0:*:*:*:*:*:*:*