Sap Se Sap Internet Graphics Server vulnerabilities

13 known vulnerabilities affecting sap_se/sap_internet_graphics_server.

Total CVEs
13
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH3MEDIUM10

Vulnerabilities

Page 1 of 1
CVE-2018-2392HIGHCVSS 7.5PoCv7.20v7.20EXT+3 more2018-02-14
CVE-2018-2392 [HIGH] CWE-611 CVE-2018-2392: Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails t Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.
cvelistv5nvd
CVE-2018-2395HIGHCVSS 8.8v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2395 [HIGH] CVE-2018-2395: Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (I Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, overwrite existing image or corrupt other type of files.
cvelistv5nvd
CVE-2018-2393HIGHCVSS 7.5PoCv7.20v7.20EXT+3 more2018-02-14
CVE-2018-2393 [HIGH] CWE-611 CVE-2018-2393: Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails t Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.
cvelistv5nvd
CVE-2018-2385MEDIUMCVSS 6.5v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2385 [MEDIUM] CWE-369 CVE-2018-2385: Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate us Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
cvelistv5nvd
CVE-2018-2394MEDIUMCVSS 6.5v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2394 [MEDIUM] CVE-2018-2394: Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessi Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, services and/or system files.
cvelistv5nvd
CVE-2018-2383MEDIUMCVSS 6.1v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2383 [MEDIUM] CWE-79 CVE-2018-2383: Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7 Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.
cvelistv5nvd
CVE-2018-2384MEDIUMCVSS 6.5v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2384 [MEDIUM] CWE-476 CVE-2018-2384: Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimat Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
cvelistv5nvd
CVE-2018-2382MEDIUMCVSS 6.5v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2382 [MEDIUM] CVE-2018-2382: A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and as such gain information from system area, which is not available to the user otherwise.
cvelistv5nvd
CVE-2018-2386MEDIUMCVSS 6.5v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2386 [MEDIUM] CWE-119 CVE-2018-2386: Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent leg Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53.
cvelistv5nvd
CVE-2018-2389MEDIUMCVSS 5.7v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2389 [MEDIUM] CWE-116 CVE-2018-2389: Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS) Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file.
cvelistv5nvd
CVE-2018-2388MEDIUMCVSS 6.1v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2388 [MEDIUM] CWE-79 CVE-2018-2388: Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49 Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.
cvelistv5nvd
CVE-2018-2396MEDIUMCVSS 6.5v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2396 [MEDIUM] CVE-2018-2396: Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Intern Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, using IGS Interpreter service.
cvelistv5nvd
CVE-2018-2387MEDIUMCVSS 6.5v7.20v7.20EXT+3 more2018-02-14
CVE-2018-2387 [MEDIUM] CVE-2018-2387: A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise.
cvelistv5nvd