3 matches found
CVE-2015-2278
CVE-2015-2278 and CVE-2015-2282 affect SAP products via the LZH/LZC decompression paths. The root causes are in the LZH BuildHufTree function (vpa108csulzh.cpp) and the LZC decompression logic (vpa106cslzc.cpp), where attacker-controlled indices can trigger out-of-bounds reads/writes. Affected so...
Remotely Exploitable Vulnerabilities in SAP Compression Algorithms
The two primary compression algorithms used by SAP SE products, some of the most popular enterprise and business management software platforms on the market, contain multiple, remotely exploitable security vulnerabilities. Martin Gallo of Core Security Consulting Services found vulnerabilities in...
SAP LZC/LZH Compression Multiple Vulnerabilities
Advisory ID Internal CORE-2015-0009 1. Advisory Information Title: SAP LZC/LZH Compression Multiple Vulnerabilities Advisory ID: CORE-2015-0009 Advisory URL:https://www.coresecurity.com/core-labs/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities Date published: 2015-05-12 Date of last...