Stack-based Buffer Overflow in SAP DB Web Server by SAP
CVE-2007-3614

Currently unrated

Key Information:

Vendor: SAP
Status: SAP Db
Vendor: CVE Published:; 6 July 2007

What is CVE-2007-3614?

The SAP DB Web Server, specifically in waHTTP.exe, is susceptible to multiple stack-based buffer overflows. This vulnerability can be exploited by remote attackers through specially crafted cookie values or additional parameters, leading to potential arbitrary code execution. Various other inputs related to numerous unspecified fields further compound the risk, making this an area of concern for administrators using affected versions of the SAP DB Web Server.

References

http://www.ngssoftware.com/advisories/critical-risk-vulne...

x_refsource_MISC

http://www.securitytracker.com/id?1018341

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/35277

vdb-entryx_refsource_XF

EPSS Score

76% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 6, 2007
Vulnerability Reserved
Jul 6, 2007