CVE-2018-2385
published 2018-02-14CVE-2018-2385: Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20…
medium6.5CVSS 3.0
AVNACLPRLUINSUCNINAH
Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kamailio | kamailio | >= 0 < 4.3.4-1.1ubuntu2.1+esm2 | 4.3.4-1.1ubuntu2.1+esm2 |
| kamailio | kamailio | >= 0 < 5.1.2-1ubuntu2+esm2 | 5.1.2-1ubuntu2+esm2 |
| kamailio | kamailio | >= 0 < 5.3.2-1ubuntu0.1~esm2 | 5.3.2-1ubuntu0.1~esm2 |
| sap | internet_graphics_server | — | — |
| sap | internet_graphics_server | — | — |
| sap | internet_graphics_server | — | — |
| sap | internet_graphics_server | — | — |
| sap | internet_graphics_server | — | — |
| sap_se | sap_internet_graphics_server | — | — |
| sap_se | sap_internet_graphics_server | — | — |
| sap_se | sap_internet_graphics_server | — | — |
| sap_se | sap_internet_graphics_server | — | — |
| sap_se | sap_internet_graphics_server | — | — |
CVSS provenance
nvdv3.06.5MEDIUMCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv9.8CRITICAL