CVE-2007-6254

Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/29437	Vendor Advisory
http://www.kb.cert.org/vuls/id/329673	Exploit US Government Resource
http://www.kb.cert.org/vuls/id/MIMG-732R7X	Patch
http://www.securityfocus.com/bid/28292
http://www.securitytracker.com/id?1019668
http://www.vupen.com/english/advisories/2008/0927/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41256

Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:business_objects:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-03-20 00:44

Updated : 2017-08-08 01:29

NVD link : CVE-2007-6254

Mitre link : CVE-2007-6254

CVE.ORG link : CVE-2007-6254

JSON object : View

Products Affected

sap

business_objects

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

{"id": "CVE-2007-6254", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-03-20T00:44:00.000", "references": [{"url": "http://secunia.com/advisories/29437", "tags": ["Vendor Advisory"], "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/329673", "tags": ["Exploit", "US Government Resource"], "source": "cret@cert.org"}, {"url": "http://www.kb.cert.org/vuls/id/MIMG-732R7X", "tags": ["Patch"], "source": "cret@cert.org"}, {"url": "http://www.securityfocus.com/bid/28292", "source": "cret@cert.org"}, {"url": "http://www.securitytracker.com/id?1019668", "source": "cret@cert.org"}, {"url": "http://www.vupen.com/english/advisories/2008/0927/references", "source": "cret@cert.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41256", "source": "cret@cert.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer basado en pila en el control ActiveX SAP Business Objects BusinessObjects RptViewerAX en RptViewerAX.dll de Business Objects 6.5 anterior a CHF74 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n utilizando vectores no especificados."}], "lastModified": "2017-08-08T01:29:02.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:business_objects:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BD5A176-9F56-45BB-8A01-F14DED89413D", "versionEndIncluding": "6.5"}], "operator": "OR"}]}], "sourceIdentifier": "cret@cert.org"}