Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2015-2278
HistoryJun 02, 2015 - 2:59 p.m.

Out-of-bounds

2015-06-0214:59:00
PRIOn knowledge base
www.prio-n.com
1

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

79.2%

JSON

The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.

CPENameOperatorVersion
maxdbeq7.5
maxdbeq7.6

Related

cve 1
coresecurity 1
threatpost 1
securityvulns 1
cve
cve
CVE-2015-2278
2015-06-02 14:59:00
coresecurity
coresecurity
SAP LZC LZH Compression Multiple Vulnerabilities
2015-05-12 00:00:00
threatpost
threatpost
Remotely Exploitable Vulnerabilities in SAP Compression Algorithms
2015-05-13 15:30:15
securityvulns
securityvulns
[CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities
2015-05-17 00:00:00

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

79.2%

JSON
Related for PRION:CVE-2015-2278
cve1coresecurity1threatpost1securityvulns1