CVE-2008-0307

CWE-1893 documents3 sources
Severity
9.3CRITICAL
EPSS
4.2%
top 11.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP Maxdb
Timeline
PublishedMar 11
Latest updateMay 1

Description

Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDsap/maxdb7.6.0.37

🔴Vulnerability Details

2
GHSA
GHSA-25xv-g2pj-97p3: Integer signedness error in vserver in SAP MaxDB 72022-05-01
CVEList
CVE-2008-0307: Integer signedness error in vserver in SAP MaxDB 72008-03-11
CVE-2008-0307 (CRITICAL CVSS 9.3) | Integer signedness error in vserver | cvebase.io