CVE-2010-1185

Currently unrated

Key Information:

Vendor: SAP
Status: Maxdb
Vendor: CVE Published:; 29 March 2010

Summary

Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained from third party information.

References

http://osvdb.org/63047

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/56950

vdb-entryx_refsource_XF

http://www.securitytracker.com/id?1023719

vdb-entryx_refsource_SECTRACK

EPSS Score

41% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 29, 2010
Vulnerability Reserved
Mar 29, 2010