Cross site request forgery (csrf)

Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service...

CVE-2018-2387

A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise...

CVE-2018-2383

CVE-2018-2383 is a reflected cross-site scripting (XSS) vulnerability in SAP Internet Graphics Server, affecting SAP-GIS versions 7.20, 7.20EXT, 7.45, 7.49, and 7.53. The CVSS data indicates a network-based vulnerability with no authentication required for CVSSv2 (Access Vector: Network, Complexi...

CVE-2018-2382

CVE-2018-2382 affects SAP Internet Graphics Server (versions 7.20, 7.20EXT, 7.45, 7.49, 7.53). The vulnerability enables a malicious user to store graphics in a controlled area and subsequently access information from the system area that would normally be unavailable. The connected documents pro...

CVE-2018-2390

CVE-2018-2390 affects SAP Internet Graphics Server (IGS) via the IGS Chart service, impacting IGS versions 7.20, 7.20EXT, 7.45, 7.49, and 7.53. The description indicates that under certain conditions a malicious user can prevent legitimate users from accessing IGS, implying a denial-of-service-li...

CVE-2018-2385

CVE-2018-2385 affects SAP Internet Graphics Server (versions 7.20, 7.20EXT, 7.45, 7.49, 7.53 and related services). The issue is a divide-by-zero crash triggered by a malicious user under certain conditions, resulting in partial availability impact. The initial description lists the condition and...

CVE-2018-2396

CVE-2018-2396 affects SAP Internet Graphics Server (IGS) on versions 7.20, 7.20EXT, 7.45, 7.49, 7.53, via the IGS Interpreter service. The issue, under certain conditions, allows a malicious user to prevent legitimate users from accessing IGS (a denial-of-service impact as described). The provide...

CVE-2018-2384

CVE-2018-2384 affects SAP Internet Graphics Server and its services in multiple versions (7.20, 7.20EXT, 7.45, 7.49, 7.53). The root cause is a Null Pointer dereference under certain conditions, which can prevent legitimate users from accessing the server (availability impact). The provided docum...

CVE-2018-2391

Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service...

CVE-2018-2382

A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and as such gain information from system area, which is not available to the user otherwise...

CVE-2018-2386

CVE-2018-2386 affects the SAP Internet Graphics Server (IGS) versions 7.20, 7.20EXT, 7.45, 7.49, 7.53. A malicious user can provoke an out-of-bounds buffer overflow under certain conditions, potentially leading to a denial of service affecting legitimate users. The vulnerability is exploitable ov...

CVE-2018-2383

Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53...

CVE-2018-2385

Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services...

CVE-2018-2393

Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable...

CVE-2018-2384

Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services...

CVE-2018-2388

The CVE-2018-2388 entry concerns a stored cross-site scripting (XSS) vulnerability in SAP Internet Graphics Server affecting versions 7.20, 7.20EXT, 7.45, 7.49, 7.53 . The connected records consistently describe a stored XSS issue; no additional root-cause details are provided beyond this, and th...

CVE-2018-2387

The CVE-2018-2387 entry describes a vulnerability in SAP Internet Graphics Server affecting versions 7.20, 7.20EXT, 7.45, 7.49, and 7.53. The issue allows a malicious user to obtain information about open ports that should not be accessible, indicating an information disclosure risk. The connecte...

CVE-2018-2390

Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS Chart service...

CVE-2018-2388

Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53...

CVE-2018-2393

Under certain conditions SAP Internet Graphics Server IGS 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server IGS to become unavailable. Recent assessments: gwillcox-r7 at October 06, 2020 4:05pm UTC reported: This...