CVSSv2: 7.5

CVE-2015-2282

Published: 02/06/2015 Updated: 09/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent malicious users to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.

Vulnerable Products

sap maxdb 7.5
sap maxdb 7.6
sap netweaver abap application server
sap netweaver java application server
sap netweaver rfc sdk
sap rfc library
sap gui

Recent Articles

SAP crypto offers customers choice of remote code execution or denial of service
The Register • Richard Chirgwin • 14 May 2015

Home-baked encryption followed the wrong recipe

Yet another proprietary implementation of a popular protocol has turned up unexpected vulnerabilities, with SAP's data compression software open to remote code execution and denial-of-service exploits. The implementation in question is SAP's code running the popular LZC and LZH compression algorithms. As outlined over at Full Disclosure, CVE-2015-2282 and CVE-2015-2278 are a pair of out-of-bounds reads and writes. As well as a nice bag of SAP products – various Netweaver servers, SDKs, the GUI,...