Stack-Based Buffer Overflow in SAP MaxDB Affects Multiple Versions
CVE-2010-1185

Currently unrated

Key Information:

Vendor: SAP
Status: Maxdb
Vendor: CVE Published:; 29 March 2010

Summary

A remote code execution vulnerability exists in the SAP MaxDB due to a stack-based buffer overflow in the serv.exe component. This risk arises from an invalid length parameter in a handshake packet processed on TCP port 7210, allowing attackers to potentially execute arbitrary code. Addressing this issue is paramount to safeguarding systems using affected versions of SAP MaxDB.

References

http://osvdb.org/63047

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/56950

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1023719

vdb-entryx_refsource_SECTRACK

EPSS Score

46% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 29, 2010
Vulnerability Reserved
Mar 29, 2010