8 matches found
CVE-2008-0244
SAP MaxDB is affected by a remote command-injection in the exec_sdbinfo handling that invokes cons.exe via system() without proper input validation. This allows unauthenticated remote attackers to execute arbitrary commands on MaxDB servers (MaxDB 7.6.x and earlier; vulnerability noted for 7.6.0....
CVE-2008-0307
CVE-2008-0307 corresponds to an integer signedness error in SAP MaxDB’s vserver component that can let remote attackers execute arbitrary code by triggering heap corruption. Affected version cited: MaxDB 7.6.0.37 (and possibly others). Exploitation is described as requiring a TCP connection to th...
CVE-2015-2282
CVE-2015-2282 is a stack-based buffer overflow in SAP’s LZC/LZH decompression code used across SAP MaxDB 7.5/7.6, NetWeaver AS ABAP/Java, RFC/GUI SDKs, SAPCAR, and related tools. The flaw (CsObjectInt::CsDecomprLZC and related LZH handling) can cause denial of service (crash) and may allow arbitr...
CVE-2010-1185
SAP MaxDB contains a vulnerability in the serv.exe component where a handshake packet is used to derive a length for a stack copy, enabling a stack-based buffer overflow leading to remote code execution. The issue affects SAP MaxDB versions 7.4.3.32 and 7.6.0.37 through 7.6.06, with the vulnerabl...
CVE-2015-2278
CVE-2015-2278 and CVE-2015-2282 affect SAP products via the LZH/LZC decompression paths. The root causes are in the LZH BuildHufTree function (vpa108csulzh.cpp) and the LZC decompression logic (vpa106cslzc.cpp), where attacker-controlled indices can trigger out-of-bounds reads/writes. Affected so...
CVE-2018-2450
CVE-2018-2450 affects SAP MaxDB (liveCache), specifically versions 7.8 and 7.9. The issue allows an attacker who has DBM operator privileges to execute crafted database queries, leading to reading, modification, or deletion of sensitive data from the database. The root cause is described as a SQL...
CVE-2008-1810
The CVE-2008-1810 issue affects SAP MaxDB 7.6.03.15 on Linux, where the dbmsrv process runs with sdb:sdba privileges and is vulnerable to privilege escalation via a manipulated PATH variable. Local users can exploit an untrusted search path by prefixing PATH with attacker-controlled directories w...
CVE-2008-0306
The CVE-2008-0306 issue affects SAP MaxDB, specifically the sdbstarter component. The connected records describe a design/error in how sdbstarter handles environment variables used to configure MaxDB components, allowing a local attacker to escalate privileges to root by manipulating these variab...