CVE-2003-1037

Properties

Published:
14.04.2004
Updated:
20.10.2005
Patch available:
Severity:
High
CVSS vector:
(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N) Approximated
Product:
SAP: Internet Transaction Server
SAP: Internet Transaction Server
SAP: Internet Transaction Server

Vulnerability description

Format string vulnerability in the WGate component for SAP Internet Transaction Server (ITS) allows remote attackers to execute arbitrary code via a high "trace level."

References:

Security Tracker: http://www.securitytracker.com/alerts/2004/Mar/1009453.html
ISS X-Force: http://xforce.iss.net/xforce/xfdb/15514
MISC: http://www.phenoelit.de/stuff/Phenoelit20c3.pd
SECTRACK: http://securitytracker.com/id?1009453