Directory Traversal Vulnerability in SAP Internet Graphics Service
CVE-2006-6345

Currently unrated

Key Information:

Vendor: SAP
Status: Internet Graphics Server
Vendor: CVE Published:; 7 December 2006

What is CVE-2006-6345?

A directory traversal vulnerability exists in SAP Internet Graphics Service (IGS) versions 6.40 Patchlevel 16 and earlier, as well as 7.00 Patchlevel 6 and earlier. This flaw allows remote attackers to craft special HTTP requests that can manipulate path traversal sequences, potentially enabling them to delete arbitrary files on the server. The issue poses a serious risk to file integrity and security, as it allows unauthorized access to sensitive data and management of server files.

References

http://www.securityfocus.com/bid/21449

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/30765

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2006/4863

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Dec 7, 2006
Vulnerability Reserved
Dec 6, 2006