CyberSec.Space Logo
Back to CVE Browser

CVE-2012-4341

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0190%
EPSS Percentile31.03th
PublishedAug 15, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.

Affected Platforms (CPE)

πŸ“¦
Sap

Netweaver Abap

= 7.0
πŸ“¦
Sap

Netweaver Abap

= 7.02
πŸ“¦
Sap

Netweaver Abap

= 7.03

References & Advisories

πŸ”— http://scn.sap.com/docs/DOC-8218
πŸ”— http://secunia.com/advisories/49744
πŸ”— http://www.securitytracker.com/id?1027211
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-12-104/
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-12-111/
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-12-112/
πŸ”— https://service.sap.com/sap/support/notes/1649838
πŸ”— https://websmp230.sap-ag.de/sap%28bD1lbiZjPTAwMQ==%29/bc/bsp/spn/sapnotes/index2.htm?numm=1649840

Related Vulnerabilities

CVE-2021-276109.8

SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not creat...

CVE-2021-404999.8

Client-side printing services SAP Cloud Print Manager and SAPSprint for SAP NetWeaver Application Server for ABAP - versions 7.70,...

CVE-2020-62759.8

SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, are vulnerable for Server Side Re...

CVE-2019-03049.8

FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7....