Vulnerability Details CVE-2007-3615
Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.02
EPSS Ranking 82.5%
CVSS Severity
CVSS v2 Score 7.8
References
- http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html
- http://osvdb.org/38095
- http://secunia.com/advisories/25964
- http://securityreason.com/securityalert/2875
- http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/
- http://www.securityfocus.com/archive/1/472890/100/0/threaded
- http://www.securityfocus.com/bid/24774
- http://www.securitytracker.com/id?1018336
- http://www.vupen.com/english/advisories/2007/2450
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35278
- http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html
- http://osvdb.org/38095
- http://secunia.com/advisories/25964
- http://securityreason.com/securityalert/2875
- http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/
- http://www.securityfocus.com/archive/1/472890/100/0/threaded
- http://www.securityfocus.com/bid/24774
- http://www.securitytracker.com/id?1018336
- http://www.vupen.com/english/advisories/2007/2450
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35278
Products affected by CVE-2007-3615
-
cpe:2.3:a:sap:internet_communication_manager:7.21ext
-
cpe:2.3:a:sap:internet_communication_manager:7.22
-
cpe:2.3:a:sap:internet_communication_manager:7.22ext
-
cpe:2.3:a:sap:internet_communication_manager:7.49
-
cpe:2.3:a:sap:internet_communication_manager:7.53
-
cpe:2.3:a:sap:internet_communication_manager:7.73
-
cpe:2.3:a:sap:internet_communication_manager:7.77
-
cpe:2.3:a:sap:internet_communication_manager:7.81
-
cpe:2.3:a:sap:internet_communication_manager:7.82
-
cpe:2.3:a:sap:internet_communication_manager:kernel_7.21
-
cpe:2.3:a:sap:internet_communication_manager:krnl32nuc_7.21
-
cpe:2.3:a:sap:internet_communication_manager:krnl32uc_7.21
-
cpe:2.3:a:sap:internet_communication_manager:krnl64nuc_7.21
-
cpe:2.3:a:sap:internet_communication_manager:krnl64uc_7.21
-
cpe:2.3:a:sap:internet_communication_manager:webdisp_7.53
-
cpe:2.3:a:sap:sap_web_application_server:6.10
-
cpe:2.3:a:sap:sap_web_application_server:6.20
-
cpe:2.3:a:sap:sap_web_application_server:6.40
-
cpe:2.3:a:sap:sap_web_application_server:7.0
-
cpe:2.3:a:sap:sap_web_application_server:7.0.10
-
cpe:2.3:o:microsoft:all_windows:*