CVE-2012-4341

Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:netweaver_abap:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:7.02:sp6:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_abap:7.03:sp4:*:*:*:*:*:*

History

No history.

Information

Published : 2012-08-15 21:55

Updated : 2024-02-04 18:16


NVD link : CVE-2012-4341

Mitre link : CVE-2012-4341

CVE.ORG link : CVE-2012-4341


JSON object : View

Products Affected

sap

  • netweaver_abap
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer