Heap-based Buffer Overflow in SAP Message Server
CVE-2007-3624

Currently unrated

Key Information:

Vendor: SAP
Status: SAP Message Server
Vendor: CVE Published:; 9 July 2007

What is CVE-2007-3624?

The SAP Message Server is subject to a significant security vulnerability involving a heap-based buffer overflow. This flaw allows remote attackers to potentially execute arbitrary code on the server by sending a carefully manipulated request, specifically utilizing a long string in the group parameter within the /msgserver/html/group path. Successful exploitation could allow an attacker to gain control over the affected message server, leading to unauthorized access and significant security breaches.

References

http://securitytracker.com/id?1018340

vdb-entryx_refsource_SECTRACK

http://marc.info/?l=bugtraq&m=118365794615827&w=2

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/25966

third-party-advisoryx_refsource_SECUNIA

EPSS Score

65% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 9, 2007
Vulnerability Reserved
Jul 9, 2007