Buffer Overflow in AGate Component for SAP Internet Transaction Server
CVE-2003-1036

Currently unrated

Key Information:

Vendor: SAP
Status: Internet Transaction Server
Vendor: CVE Published:; 15 April 2004

What is CVE-2003-1036?

The AGate component in SAP Internet Transaction Server contains multiple buffer overflow vulnerabilities. These flaws can be exploited by remote attackers to execute arbitrary code. The vulnerabilities arise from improperly handled long parameters, including those for ~command, ~runtimemode, ~session, and through a lengthy HTTP Content-Type header. If successfully exploited, these buffer overflows may lead to unauthorized access and control of the affected systems.

References

http://www.phenoelit.de/stuff/Phenoelit20c3.pd

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/14186

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 15, 2004
Vulnerability Reserved
Mar 15, 2004