CVE-2007-6254Improper Restriction of Operations within the Bounds of a Memory Buffer in SAP Business Objects

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
9.3CRITICALNVD
EPSS
32.2%
top 3.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP Business Objects
Timeline
PublishedMar 20
Latest updateMay 1

Description

Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

Patches

Patch: www.kb.cert.orgPatch: www.kb.cert.org

🔴Vulnerability Details

2
GHSA
GHSA-q4m7-4g4r-h962: Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX2022-05-01
CVEList
CVE-2007-6254: Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX2008-03-20
CVE-2007-6254 — SAP Business Objects vulnerability | cvebase