RSS   Vulnerabilities for 'Rfc library'   RSS

2015-06-02
 
CVE-2015-2282

CWE-119
 

 
Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.

 
 
CVE-2015-2278

CWE-119
 

 
The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.

 
2007-04-10
 
CVE-2007-1918

CWE-Other
 

 
The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before 20070109 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

 
 
CVE-2007-1917

CWE-Other
 

 
Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

 
 
CVE-2007-1916

CWE-Other
 

 
Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

 
 
CVE-2007-1915

CWE-Other
 

 
Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

 
 
CVE-2007-1914

CWE-Other
 

 
The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to obtain sensitive information (external RFC server configuration data) via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

 
 
CVE-2007-1913

CWE-Other
 

 
The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.

 

 >>> Vendor: SAP 332 Products
Router
Application server
Sap r 3 web application server demo
Saposcol
E-commerce
Crystal reports
Sap db
Sap r 3
Sapgui
Adaptive server enterprise
Internet transaction server
Mysap business suite
Maxdb
Sap web application server
Business connector
Sapdba
Download manager
Infrastructure
Internet graphics server
Inventory manager
Saplpd
Sapsprint
Rfc library
Sap basis component 640
Sap basis component 700
Netweaver nw04
Netweaver nw04s
Enjoysap
Internet communication manager
Sap message server
Business objects
Sql anywhere
Netweaver
Web dynpro
Sap gui
Tabone
Commerce
Gateway
Crystal reports server
Sap kernel
Business one 2005-a
Businessobjects
J2ee engine core
Server core
System landscape directory
Netweaver business client
Netweaver abap
GUI
Production planning and control
Healthcare industry solution
Erp cental component
Basis communication services
Erp central component
Network interface router
Netweaver logviewer
Netweaver development infrastructure
Customer relationship management
Emr unwired
Netweaver solution manager
Netweaver exchange infrastructure (bc-xi)
Bi universal data integration
Ccms / database monitor
J2ee engine
Guided procedures archive monitor
Mobile infrastructure
Adminadapter
Cm services
Cms services
Ccms agent
Solution manager
Enterprise portal
Software deployment manager
Enhancement package
HANA
Print and output management
Business object processing framework for abap
Netweaver software lifecycle manager
Netweaver abap application server
Profile maintenance
Background processing
Netweaver java application server
Project system
Brazil
Web services tool
Computing center management system monitoring
Transaction data pool
Capacity leveling
Open hub service
Oil industry solution traders and schedulers workbench
Upgrade tools
Supplier relationship management
Hana extend application services
Netweaver business warehouse
Fi manager self-service
Businessobjects xi
Businessobjects explorer
Commoncryptolib
Sapcrytolib
Sapseculib
Environment health and safety
See all Products for Vendor SAP


Copyright 2024, cxsecurity.com

 

Back to Top