Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0307

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0307
Last Modified 07 Mar 2011 10:04:18
Published 11 Mar 2008 07:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0307

Summary

Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.

Vulnerable Systems

Application

  • Sap Maxdb 7.6.0.37


References

XF - maxdb-vserver-code-execution(41107)

VUPEN - ADV-2008-0844

SECTRACK - 1019571

BID - 28183

SECUNIA - 29312

IDEFENSE - 20080310 SAP MaxDB Signedness Error Heap Corruption Vulnerability


Last Updated: 27 May 2016 10:46:46