CyberSec.Space Logo
Back to CVE Browser

CVE-2006-6346

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1120%
EPSS Percentile33.08th
PublishedDec 7, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain other unauthorized activities, related to "Undocumented Features." NOTE: it is possible that there are multiple issues. This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. This is likely a different issue than CVE-2006-4134.

Affected Platforms (CPE)

πŸ“¦
Sap

Internet Graphics Server

<= 6.40_patch_15
πŸ“¦
Sap

Internet Graphics Server

<= 7.00_patch_3

References & Advisories

πŸ”— http://secunia.com/advisories/23262
πŸ”— http://securityreason.com/securityalert/1985
πŸ”— http://securitytracker.com/id?1017341
πŸ”— http://www.cybsec.com/vuln/CYBSEC-Security_Pre-Advisory_SAP_IGS_Undocumented_Features.pdf
πŸ”— http://www.securityfocus.com/archive/1/453560/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/21448
πŸ”— http://www.vupen.com/english/advisories/2006/4863
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/30766

Related Vulnerabilities

CVE-2008-30139.3

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Ser...

CVE-2014-02639.3

The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Go...

CVE-2018-23958.8

Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49...

CVE-2018-23927.5

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity...