| ID |
CVE-2007-1917
|
| Summary |
Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before 20061211 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:o:ibm:os_400:gold:*:*:*:*:*:*:*
cpe:2.3:o:ibm:os_400:gold:*:*:*:*:*:*:*
-
cpe:2.3:o:ibm:os_400:v5r2m0:*:*:*:*:*:*:*
cpe:2.3:o:ibm:os_400:v5r2m0:*:*:*:*:*:*:*
-
cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:tru64:*:*:*:*:*:*:*:*
-
cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*
-
cpe:2.3:a:ibm:racf:-:*:*:*:*:*:*:*
cpe:2.3:a:ibm:racf:-:*:*:*:*:*:*:*
-
cpe:2.3:o:linux:linux_kernel:*:*:ia32_64-bit:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:ia32_64-bit:*:*:*:*:*
-
cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server:*:*:*:*:*:*:*:*
-
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
-
cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*
-
cpe:2.3:o:siemens:reliant_unix:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:reliant_unix:*:*:*:*:*:*:*:*
-
cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:rfc_library:7.0:*:*:*:*:*:*:*
cpe:2.3:a:sap:rfc_library:7.0:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:rfc_library:6.4:*:*:*:*:*:*:*
cpe:2.3:a:sap:rfc_library:6.4:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 10.0 (as of 22-09-2021 - 14:22) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
| refmap
via4
|
|
| Last major update |
22-09-2021 - 14:22 |
| Published |
10-04-2007 - 23:19 |
| Last modified |
22-09-2021 - 14:22 |
