SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/98350 | Third Party Advisory VDB Entry |
https://www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerability | Exploit Third Party Advisory |
https://www.exploit-db.com/exploits/41991/ |
Configurations
History
No history.
Information
Published : 2017-05-10 17:29
Updated : 2024-02-28 15:44
NVD link : CVE-2017-8852
Mitre link : CVE-2017-8852
CVE.ORG link : CVE-2017-8852
JSON object : View
Products Affected
sap
- sapcar
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer