CVE-2005-4815

{"id": "CVE-2005-4815", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-12-31T05:00:00.000", "references": [{"url": "http://lists.darklab.org/pipermail/darklab/2006-January/000209.html", "source": "cve@mitre.org"}, {"url": "http://lists.virus.org/darklab-0509/msg00011.html", "source": "cve@mitre.org"}, {"url": "http://lists.virus.org/darklab-0509/msg00017.html", "source": "cve@mitre.org"}, {"url": "http://lists.virus.org/darklab-0509/msg00018.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://lists.darklab.org/pipermail/darklab/2006-January/000209.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.virus.org/darklab-0509/msg00011.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.virus.org/darklab-0509/msg00017.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://lists.virus.org/darklab-0509/msg00018.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/451378/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "SAP 6.4 before 6.40 patch 4, 6.2 before 6.20 patch 1364, 4.6 before 4.6D patch 1767, 45 before 45B patch 913, 40 before 40B patch 1008, and 31 before 31I patch 735 do not properly restrict process execution by lnaxdm/sapsys, which allows remote attackers to execute arbitrary code via a certain UDP packet that ends with the name of a local executable file, aka the \"FX SAP R/3 gwrd vuln.\""}], "lastModified": "2024-11-21T00:05:14.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:sap_r_3:4.6_before_patch_1767:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4C79FDB-885C-4E21-8D34-01F7E0F3E670"}, {"criteria": "cpe:2.3:a:sap:sap_r_3:6.2_before_patch_1364:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15558671-9CB0-440B-94C5-6B878B6364D2"}, {"criteria": "cpe:2.3:a:sap:sap_r_3:6.4_before_patch_4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC4F25AE-8381-4FC4-B8E5-1E459DEAD74F"}, {"criteria": "cpe:2.3:a:sap:sap_r_3:31_before_31i_patch_735:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22E767CA-E2B6-4194-A87F-8CAC56EE1F6F"}, {"criteria": "cpe:2.3:a:sap:sap_r_3:40_before_patch_1008:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E15CD7C9-BECC-4DF2-8455-7AE7154A765C"}, {"criteria": "cpe:2.3:a:sap:sap_r_3:45_before_patch_913:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "281C68CB-F59A-4540-A16C-48791607C193"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}