CyberSec.Space Logo
返回 CVE 浏览器

CVE-2006-2547

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0670%
EPSS Percentile19.13th
Published2006年5月23日
Last Modified2026年4月16日

Vulnerability Description

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling.

Affected Platforms (CPE)

📦
Sap

Sapdba

All versions

References & Advisories

🔗 http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046130.html
🔗 http://secunia.com/advisories/20180
🔗 http://securityreason.com/securityalert/941
🔗 http://securitytracker.com/id?1016122
🔗 http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Local_Privilege_Escalation_in_SAP_sapdba_Command.pdf
🔗 http://www.securityfocus.com/archive/1/434534/30/4890/threaded
🔗 http://www.securityfocus.com/bid/18028
🔗 http://www.vupen.com/english/advisories/2006/1861

相关漏洞威胁

CVE-2006-136810.0

Buffer overflow in the USB Gadget RNDIS implementation in the Linux kernel before 2.6.16 allows remote attackers to cause a denial...

CVE-2006-127610.0

admin.php in Himpfen Consulting Company PHP SimpleNEWS 1.0.0 allows remote attackers to bypass authentication by setting the admin...

CVE-2006-099210.0

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary co...

CVE-2006-138110.0

Trend Micro OfficeScan 5.5, and probably other versions before 6.5, uses insecure DACLs for critical files, which allows local use...