BugTraq
ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability Aug 11 2010 04:00PM ZDI Disclosures (zdi-disclosures tippingpoint com) (1 replies) RE: Correction to: ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability Aug 11 2010 04:12PM ZDI Disclosures (zdi-disclosures tippingpoint com) (1 replies) |
Privacy Statement |
> The specific flaw exists within the ebus-3-3-2-6.dll module responsible for parsing GIOP requests for multiple processes.
Does this affect only version 3.3.2.6?
> -- Vendor Response:
> SAP has issued an update to correct this vulnerability. More details can be found at:
>
> https://service.sap.com/sap/support/notes/1473327
Do they have a public version of the advisory? This one seems to
require a login.
[ reply ]