CyberSec.Space Logo
返回 CVE 浏览器

CVE-2007-3624

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1430%
EPSS Percentile9.98th
Published2007年7月9日
Last Modified2026年4月23日

Vulnerability Description

Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group.

Affected Platforms (CPE)

📦
Sap

Sap Message Server

All versions

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=118365794615827&w=2
🔗 http://osvdb.org/38096
🔗 http://secunia.com/advisories/25966
🔗 http://securitytracker.com/id?1018340
🔗 http://www.kb.cert.org/vuls/id/305657
🔗 http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-sap-message-server-heap-overflow/
🔗 http://www.securityfocus.com/bid/24765
🔗 http://www.vupen.com/english/advisories/2007/2451

相关漏洞威胁

CVE-2013-15929.8

A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially craft...

CVE-2021-381628.9

SAP Web Dispatcher versions - 7.49, 7.53, 7.77, 7.81, KRNL64NUC - 7.22, 7.22EXT, 7.49, KRNL64UC -7.22, 7.22EXT, 7.49, 7.53, KERNEL...

CVE-2026-236878.8

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid ...

CVE-2019-04047.5

SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Inform...