CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 4CVE-2015-2278 – SAP LZC/LZH Compression Denial of Service
https://notcve.org/view.php?id=CVE-2015-2278
13 May 2015 — The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316. La implementación LZH decompression ... • http://packetstormsecurity.com/files/131883/SAP-LZC-LZH-Compression-Denial-Of-Service.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 4CVE-2015-2282 – SAP LZC/LZH Compression Denial of Service
https://notcve.org/view.php?id=CVE-2015-2282
13 May 2015 — Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316. Desbordamiento de buffer ... • http://packetstormsecurity.com/files/131883/SAP-LZC-LZH-Compression-Denial-Of-Service.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 46%CPEs: 3EXPL: 2CVE-2010-1185 – SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1185
16 Mar 2010 — Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained from third party information. Desbordamiento de búfer basado en pila en serv.exe de SAP MaxDB v7.4.3.32, y v7.6.0.37 hasta la v7.6.06. Permite a atacantes remotos ejecutar código de su elección a través de un parámetro de longitud inválido en un paquete de "... • https://www.exploit-db.com/exploits/11886 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 89%CPEs: 1EXPL: 4CVE-2008-0244 – SAP MaxDB 7.6.03.07 - Remote Command Execution
https://notcve.org/view.php?id=CVE-2008-0244
12 Jan 2008 — SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe. SAP MaxDB 7.6.03 build 007 y versiones anteriores, permite que atacantes remotos ejecuten comandos arbitrarios usando "$$", además de otros metacarateres del intéprete de comandos (shell) en exec_sdbinfo, y de otros comandos no especificados, que se ejecutan cuando MaxDB invoca a co... • https://packetstorm.news/files/id/180751 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 73%CPEs: 2EXPL: 1CVE-2006-4305 – MaxDB WebDBM - 'Database' Remote Overflow
https://notcve.org/view.php?id=CVE-2006-4305
30 Aug 2006 — Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client. Desbordamiento de búfer en SAP DB y MaxDB anterior a 7.6.00.30 permite a atacantes remotos ejecutar código arbitrario mediante un nombre de base de datos largo al conectar mediante el cliente WebDBM. • https://www.exploit-db.com/exploits/16765 •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 0CVE-2005-1274
https://notcve.org/view.php?id=CVE-2005-1274
26 Apr 2005 — Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter. • http://www.idefense.com/application/poi/display?id=236&type=vulnerabilities •
CVSS: 10.0EPSS: 74%CPEs: 10EXPL: 1CVE-2005-0684 – MaxDB WebDBM - GET Buffer Overflow
https://notcve.org/view.php?id=CVE-2005-0684
25 Apr 2005 — Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c. • https://www.exploit-db.com/exploits/16791 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0083
https://notcve.org/view.php?id=CVE-2005-0083
17 Mar 2005 — MySQL MaxDB 7.5.00 for Windows, and possibly earlier versions and other platforms, allows remote attackers to cause a denial of service (application crash) via invalid parameters to the (1) DBMCli_String::ReallocString, (2) DBMCli_String::operator, (3) DBMCli_Buffer::ForceResize, (4) DBMCli_Wizard::InstallDatabase, (5) DBMCli_Devspaces::Complete, (6) DBMWeb_TemplateWizard::askForWriteCountStep5, or (7) DBMWeb_DBMWeb::wizardDB functions, which triggers a null dereference. • http://www.idefense.com/application/poi/display?id=218&type=vulnerabilities •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-0081
https://notcve.org/view.php?id=CVE-2005-0081
20 Jan 2005 — MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via an HTTP request with invalid headers. MySQL MaxDB 7.5.0.0 y otras versiones anteriores a la 7.5.0.21, permite a atacantes remotos causar la Denegación de Servcio (DoS) por caída, mediante una petición HTTP con cabeceras no válidas. • http://www.idefense.com/application/poi/display?id=187&type=vulnerabilities •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2005-0082
https://notcve.org/view.php?id=CVE-2005-0082
20 Jan 2005 — The sapdbwa_GetUserData function in MySQL MaxDB 7.5.0.0, and other versions before 7.5.0.21, allows remote attackers to cause a denial of service (crash) via invalid parameters to the WebDAV handler code, which triggers a null dereference that causes the SAP DB Web Agent to crash. La función sapdbwa_GetUserData de MySQL MaxDB 7.5.0.0, otras versiones anteriores a 7.5.0.21 permite a atacantes remotos causar una denegación de servicio (caída) mediante un parámetro inválido al código de manejador de WebDAV, lo... • http://www.idefense.com/application/poi/display?id=187&type=vulnerabilities •