CVE-2012-4341

CWE-119Buffer Overflow3 documents3 sources
Severity
10.0CRITICAL
EPSS
17.3%
top 4.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP Netweaver Abap
Timeline
PublishedAug 15
Latest updateMay 14

Description

Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDsap/netweaver_abap7.0, 7.02, 7.03+2

🔴Vulnerability Details

2
GHSA
GHSA-xq6g-x53r-cw4c: Multiple stack-based buffer overflows in msg_server2022-05-14
CVEList
CVE-2012-4341: Multiple stack-based buffer overflows in msg_server2012-08-15
CVE-2012-4341 (CRITICAL CVSS 10) | Multiple stack-based buffer overflo | cvebase.io