CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2003-1037
https://notcve.org/view.php?id=CVE-2003-1037
Format string vulnerability in the WGate component for SAP Internet Transaction Server (ITS) allows remote attackers to execute arbitrary code via a high "trace level." Vulnerabilidad de cadena de formato en el componente WGate de SAP Internet Transaction Server (ITS) permite a atacantes remotos ejecutar código arbitrario mediante un "nivel de traza" alto. • http://securitytracker.com/id?1009453 http://www.phenoelit.de/stuff/Phenoelit20c3.pd https://exchange.xforce.ibmcloud.com/vulnerabilities/15514 •
CVSS: 7.5EPSS: 2%CPEs: 3EXPL: 0CVE-2003-1036
https://notcve.org/view.php?id=CVE-2003-1036
Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (1) ~command, (2) ~runtimemode, or (3) ~session parameters, or (4) a long HTTP Content-Type header. Múltiples desbordamientos de búfer en el componente AGate de SAP Internet Transaction Server (ITS) permite a atacantes remotos ejecutar código arbitrario mediante parámetros (1) ~command, (2) ~runtimemode, o (3) ~session largos, o mediante una cabecera HTTP Content-Type larga. • http://www.phenoelit.de/stuff/Phenoelit20c3.pd https://exchange.xforce.ibmcloud.com/vulnerabilities/14186 •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2003-1038
https://notcve.org/view.php?id=CVE-2003-1038
The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sensitive information via a ~command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames. El componente AGate de SAP Internet Transaction Server (ITS) permite a atacantes remotos obtener información sensible mediante un parámetro ~command con un valor AgateInstallCheck, lo que proporciona una lista de DLLs instaladas y rutas completas. • http://www.phenoelit.de/stuff/Phenoelit20c3.pd https://exchange.xforce.ibmcloud.com/vulnerabilities/15516 •