CVE-2010-4556

Опубликовано: 17 дек. 2010

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Stack-based buffer overflow in the SapThemeRepository ActiveX control (sapwdpcd.dll) in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the (1) Load and (2) LoadTheme methods.

Ссылки

http://secunia.com/advisories/35796
Vendor Advisory
http://www.securityfocus.com/bid/45396
http://www.securitytracker.com/id?1024890
http://www.vupen.com/english/advisories/2010/3239
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-10-290/
https://exchange.xforce.ibmcloud.com/vulnerabilities/64061
https://service.sap.com/sap/support/notes/1519966
http://secunia.com/advisories/35796
Vendor Advisory
http://www.securityfocus.com/bid/45396
http://www.securitytracker.com/id?1024890
http://www.vupen.com/english/advisories/2010/3239
Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-10-290/
https://exchange.xforce.ibmcloud.com/vulnerabilities/64061
https://service.sap.com/sap/support/notes/1519966

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:netweaver_business_client:*:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.12682

Средний

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-h3qm-57f6-w9vc

github

больше 3 лет назад