Lucene search

[email protected]CVE-2008-0621

HistoryFeb 06, 2008 - 12:00 p.m.

CVE-2008-0621

2008-02-0612:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0621

saplpd

sap gui

sapsprint

buffer overflow

remote code execution

nvd

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.808 High

EPSS

Percentile

98.3%

JSON

Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands.

Affected configurations

NVD

Node

sapsapguiMatch7.10

sapsaplpdRange≤6.28

sapsapsprint

CPENameOperatorVersion
sap:sapguisap sapguieq7.10
sap:saplpdsap saplpdle6.28
sap:sapsprintsap sapsprinteq*

CPE	Name	Operator	Version
sap:sapgui	sap sapgui	eq	7.10
sap:saplpd	sap saplpd	le	6.28
sap:sapsprint	sap sapsprint	eq	*

References

secunia.com/advisories/28786

secunia.com/advisories/28811

securityreason.com/securityalert/3619

www.securityfocus.com/archive/1/487508/100/0/threaded

www.securityfocus.com/archive/1/487575/100/0/threaded

www.securityfocus.com/bid/27613

www.securitytracker.com/id?1019300

www.vupen.com/english/advisories/2008/0409

www.vupen.com/english/advisories/2008/0438

www.exploit-db.com/exploits/5079

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.808 High

EPSS

Percentile

98.3%

JSON

Related for CVE-2008-0621

prion1 packetstorm1 d21 cvelist1 nvd1 nessus2 seebug1