CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2015-7730

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0110%
EPSS Percentile31.13th
Published2015年10月15日
Last Modified2026年5月6日

Vulnerability Description

SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.

Affected Platforms (CPE)

📦
Sap

Businessobjects

= 4.1
📦
Sap

Businessobjects Edge

= 4.0
📦
Sap

Businessobjects Xi

= 3.1
📦
Sap

Businessobjects Xi

= r3

References & Advisories

🔗 http://seclists.org/fulldisclosure/2015/Sep/81
🔗 http://www.securitytracker.com/id/1033637
🔗 https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition
🔗 https://www.onapsis.com/research/security-advisories/SAP-Business-Objects-Memory-Corruption
🔗 http://seclists.org/fulldisclosure/2015/Sep/81
🔗 http://www.securitytracker.com/id/1033637
🔗 https://www.onapsis.com/blog/analyzing-sap-security-notes-may-2015-edition
🔗 https://www.onapsis.com/research/security-advisories/SAP-Business-Objects-Memory-Corruption

相關漏洞威脅

CVE-2010-021910.0

Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a de...

CVE-2014-938710.0

SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges...

CVE-2019-02599.8

SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) with...

CVE-2014-93209.8

SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently ga...