CVE-2008-0307

Currently unrated

Key Information:

Vendor: SAP
Status: Maxdb
Vendor: CVE Published:; 11 March 2008

Summary

Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/41107

vdb-entryx_refsource_XF

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

http://www.securityfocus.com/bid/28183

vdb-entryx_refsource_BID

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 11, 2008
Vulnerability Reserved
Jan 16, 2008