Vulnerability Details CVE-2015-4092
Buffer overflow in the XComms process in SAP Afaria 7.00.6620.2 SP5 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request, aka SAP Security Note 2153690.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://seclists.org/fulldisclosure/2015/May/96
- http://www.securityfocus.com/archive/1/536238/100/0/threaded
- http://www.securityfocus.com/bid/74797
- https://erpscan.io/advisories/erpscan-15-012-sap-afaria-7-xcomms-bof
- http://seclists.org/fulldisclosure/2015/May/96
- http://www.securityfocus.com/archive/1/536238/100/0/threaded
- http://www.securityfocus.com/bid/74797
- https://erpscan.io/advisories/erpscan-15-012-sap-afaria-7-xcomms-bof