ID
VAR-E-200909-0915
TITLE
SAP NetWeaver Multiple Unspecified Remote Vulnerabilities
Trust: 0.3
DESCRIPTION
SAP NetWeaver is prone to multiple unspecified remote vulnerabilities, including:
- Multiple information-disclosure vulnerabilities.
- A NULL-pointer dereference vulnerability.
- Multiple heap-overflow vulnerabilities.
- A denial-of-service vulnerability.
Attackers can exploit these issues to execute code within the context of the affected server, cause denial-of-service conditions, and obtain potentially sensitive information.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.01 | Trust: 0.3 |
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.0 | Trust: 0.3 |
EXPLOIT
A working commercial exploit is available through Intevydis. This exploit is not otherwise publicly available or known to be circulating in the wild.
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Input Validation Error
Trust: 0.3
CREDITS
Intevydis
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 36252 | Trust: 0.3 |
REFERENCES
| url: | http://intevydis.com/company.shtml | Trust: 0.3 |
| url: | http://www.sap.com/platform/netweaver/index.epx | Trust: 0.3 |
SOURCES
| db: | BID | id: | 36252 |
LAST UPDATE DATE
2022-07-27T09:22:43.698000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 36252 | date: | 2009-09-03T22:12:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 36252 | date: | 2009-09-03T00:00:00 |