CVE-2003-0944

5 documents4 sources

Severity

7.5HIGH

EPSS

3.2%

top 12.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SAP DB

Timeline

PublishedDec 15

Latest updateApr 29

Description

Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDsap/sap_db7.4.03.29

Patches

Patch: www.atstake.com ↗Patch: www.atstake.com ↗

🔴Vulnerability Details

GHSA

GHSA-9gr5-whhp-9v76: Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7↗2022-04-29

▶

CVEList

CVE-2003-0944: Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7↗2003-11-21

▶

💥Exploits & PoCs

Exploit-DB

Microsoft Jet Database - 'msjet40.dll' Code Execution (Reverse Shell) (2)↗2005-04-22

▶

Exploit-DB

Microsoft Jet Database - 'msjet40.dll' DB File Buffer Overflow↗2005-04-11

▶