- Description
- Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sap:sapgui:7.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BCEAAEEF-62DE-4BDD-846A-EA746FC4AADC"
},
{
"criteria": "cpe:2.3:a:sap:saplpd:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7F9C73A3-56A4-41C3-895A-4D49608B2946",
"versionEndIncluding": "6.28"
},
{
"criteria": "cpe:2.3:a:sap:sapsprint:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADF65E3D-45F1-4491-8532-B5BE4F6CD2E4"
}
],
"operator": "OR"
}
]
}
]