CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2003-0938

vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.7%

CVSS Severity

CVSS v2 Score 7.2

References

http://www.atstake.com/research/advisories/2003/a111703-1.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/13765
http://www.atstake.com/research/advisories/2003/a111703-1.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/13765

Products affected by CVE-2003-0938

Sap » Sap Db » Version: Any

cpe:2.3:a:sap:sap_db:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2003-0938

Products

Pricing

Contact Us