CVE-2008-0307

Sažetak

Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=669
http://secunia.com/advisories/29312
http://www.securityfocus.com/bid/28183
http://www.securitytracker.com/id?1019571
http://www.vupen.com/english/advisories/2008/0844/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41107

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

08-08-2017 - 01:29

Objavljeno

11-03-2008 - 23:44