Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: Correction to: ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability
Aug 13 2010 02:26PM
Steve Shockley (steve shockley shockley net)
On 8/11/2010 12:12 PM, ZDI Disclosures wrote:
> The specific flaw exists within the ebus-3-3-2-6.dll module responsible for parsing GIOP requests for multiple processes.
Does this affect only version 188.8.131.52?
> -- Vendor Response:
> SAP has issued an update to correct this vulnerability. More deta...
[ more ]
Copyright 2010, SecurityFocus