Sap: >> Maxdb >> 7.6.0.37 Security Vulnerabilities
Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained from third party information.
CVSS Score
10.0
EPSS Score
0.422
Published
2010-03-29
sdbstarter in SAP MaxDB 7.6.0.37, and possibly other versions, allows local users to execute arbitrary commands by using unspecified environment variables to modify configuration settings.
CVSS Score
6.9
EPSS Score
0.001
Published
2008-03-11
Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code via unknown vectors that trigger heap corruption.
CVSS Score
9.3
EPSS Score
0.042
Published
2008-03-11