SAP : Security Vulnerabilities, CVEs, Published In December 2003 (Code Execution)
Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.
Max CVSS
7.5
EPSS Score
0.39%
Published
2003-12-15
Updated
2008-09-05
Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa.
Max CVSS
7.5
EPSS Score
0.39%
Published
2003-12-15
Updated
2008-09-05
eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents the server from NULL terminating the string and leads to a buffer overflow.
Max CVSS
7.5
EPSS Score
2.62%
Published
2003-12-15
Updated
2008-09-05
3 vulnerabilities found