CVE-2007-3615

Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:microsoft:all_windows:*:*:*:*:*:*:*:*
OR cpe:2.3:a:sap:internet_communication_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:6.10:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:6.20:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:6.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_web_application_server:7.0.10:*:*:*:*:*:*:*

History

21 Nov 2024, 00:33

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html - () http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html -
References () http://osvdb.org/38095 - () http://osvdb.org/38095 -
References () http://secunia.com/advisories/25964 - Patch, Vendor Advisory () http://secunia.com/advisories/25964 - Patch, Vendor Advisory
References () http://securityreason.com/securityalert/2875 - () http://securityreason.com/securityalert/2875 -
References () http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/ - Vendor Advisory () http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/ - Vendor Advisory
References () http://www.securityfocus.com/archive/1/472890/100/0/threaded - () http://www.securityfocus.com/archive/1/472890/100/0/threaded -
References () http://www.securityfocus.com/bid/24774 - () http://www.securityfocus.com/bid/24774 -
References () http://www.securitytracker.com/id?1018336 - () http://www.securitytracker.com/id?1018336 -
References () http://www.vupen.com/english/advisories/2007/2450 - () http://www.vupen.com/english/advisories/2007/2450 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/35278 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/35278 -

Information

Published : 2007-07-06 19:30

Updated : 2024-11-21 00:33


NVD link : CVE-2007-3615

Mitre link : CVE-2007-3615

CVE.ORG link : CVE-2007-3615


JSON object : View

Products Affected

microsoft

  • all_windows

sap

  • internet_communication_manager
  • sap_web_application_server