CVE-2015-7992

Sažetak

SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to cause a denial of service (memory corruption and indexserver crash) via unspecified vectors to the EXECUTE_SEARCH_RULE_SET stored procedure, aka SAP Security Note 2175928.

Reference

http://packetstormsecurity.com/files/134284/SAP-HANA-EXECUTE_SEARCH_RULE_SET-Stored-Procedure-Memory-Corruption.html
http://scn.sap.com/community/security/blog/2015/08/18/sap-security-notes-august-2015
http://seclists.org/fulldisclosure/2015/Nov/38
http://www.onapsis.com/research/security-advisories/SAP_HANA_EXECUTE_SEARCH_RULE_SET_Stored_Procedure_Memory_corruption

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:N/A:P

Zadnje važnije ažuriranje

12-11-2015 - 20:16

Objavljeno

10-11-2015 - 17:59