CVE-2006-4305

Опубликовано: 30 авг. 2006

Источник: nvd

CVSS2: 10

EPSS Высокий

Описание

Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.

Ссылки

http://dev.mysql.com/doc/maxdb/changes/changes_7.6.00.32.html
http://secunia.com/advisories/21677
Vendor Advisory
http://secunia.com/advisories/22518
Vendor Advisory
http://securitytracker.com/id?1016766
Vendor Advisory
http://www.debian.org/security/2006/dsa-1190
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/444601/100/0/threaded
http://www.securityfocus.com/bid/19660
Patch
http://www.symantec.com/enterprise/research/SYMSA-2006-009.txt
Vendor Advisory
http://www.vupen.com/english/advisories/2006/3410
https://exchange.xforce.ibmcloud.com/vulnerabilities/28636
http://dev.mysql.com/doc/maxdb/changes/changes_7.6.00.32.html
http://secunia.com/advisories/21677
Vendor Advisory
http://secunia.com/advisories/22518
Vendor Advisory
http://securitytracker.com/id?1016766
Vendor Advisory
http://www.debian.org/security/2006/dsa-1190
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/444601/100/0/threaded
http://www.securityfocus.com/bid/19660
Patch
http://www.symantec.com/enterprise/research/SYMSA-2006-009.txt
Vendor Advisory
http://www.vupen.com/english/advisories/2006/3410
https://exchange.xforce.ibmcloud.com/vulnerabilities/28636

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mysql:maxdb:*:*:*:*:*:*:*:*

Версия до 7.6.00.22 (включая)

cpe:2.3:a:sap-db:sap-db:*:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.80878

Высокий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2006-4305

ubuntu

больше 19 лет назад

Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.

CVE-2006-4305

debian

больше 19 лет назад

Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote att ...

GHSA-88j9-hr3g-c3jw

github

почти 4 года назад

Buffer overflow in SAP DB and MaxDB before 7.6.00.30 allows remote attackers to execute arbitrary code via a long database name when connecting via a WebDBM client.

EPSS

Процентиль: 99%

0.80878

Высокий

10 Critical

CVSS2

Дефекты

NVD-CWE-Other