CVE-2014-6252Improper Restriction of Operations within the Bounds of a Memory Buffer in SAP Netweaver

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
2.2%
top 15.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
SAP Netweaver
Timeline
PublishedSep 5
Latest updateMay 14

Description

Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

NVDsap/netweaver7.0, 7.20+1

🔴Vulnerability Details

2
GHSA
GHSA-cf5f-6cfg-x73p: Buffer overflow in disp+work2022-05-14
CVEList
CVE-2014-6252: Buffer overflow in disp+work2014-09-05
CVE-2014-6252 — SAP Netweaver vulnerability | cvebase