7.8 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.808 High
EPSS
Percentile
98.3%
Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands.
CPE | Name | Operator | Version |
---|---|---|---|
sap:sapgui | sap sapgui | eq | 7.10 |
sap:saplpd | sap saplpd | le | 6.28 |
sap:sapsprint | sap sapsprint | eq | * |
secunia.com/advisories/28786
secunia.com/advisories/28811
securityreason.com/securityalert/3619
www.securityfocus.com/archive/1/487508/100/0/threaded
www.securityfocus.com/archive/1/487575/100/0/threaded
www.securityfocus.com/bid/27613
www.securitytracker.com/id?1019300
www.vupen.com/english/advisories/2008/0409
www.vupen.com/english/advisories/2008/0438
www.exploit-db.com/exploits/5079