Vulnerability CVE-2015-2278
Published: 2015-06-02

Description:
The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
SAP ERPScan XXE Injection / XSS / Missing Authorization
Darya Maenkova
23.05.2015

Type:

CWE-119

 (Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
SAP -> GUI 
SAP -> Maxdb 
SAP -> Netweaver abap application server 
SAP -> Netweaver java application server 
SAP -> Netweaver rfc sdk 
SAP -> Rfc library 

 References:
http://packetstormsecurity.com/files/131883/SAP-LZC-LZH-Compression-Denial-Of-Service.html
http://seclists.org/fulldisclosure/2015/May/50
http://seclists.org/fulldisclosure/2015/May/96
http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities
http://www.securityfocus.com/archive/1/535535/100/0/threaded
http://www.securityfocus.com/bid/74643
Copyright 2024, cxsecurity.com

 

Back to Top