CVE-2003-1036

3 documents3 sources

Severity

7.5HIGH

EPSS

3.1%

top 13.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP Internet Transaction Server

Timeline

PublishedApr 15

Latest updateApr 29

Description

Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (1) ~command, (2) ~runtimemode, or (3) ~session parameters, or (4) a long HTTP Content-Type header.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDsap/internet_transaction_server4.6_pl463+2

🔴Vulnerability Details

GHSA

GHSA-mjr3-48vc-h485: Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (↗2022-04-29

▶

CVEList

CVE-2003-1036: Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (↗2004-03-16

▶