製品・ソフトウェアに関する情報

JVN脆弱性詳細

SAP DB の waHTTP.exe におけるスタックベースのバッファーオーバーフローの脆弱性

Title	SAP DB の waHTTP.exe におけるスタックベースのバッファーオーバーフローの脆弱性
Summary	SAP DB の waHTTP.exe は、sapdbwa_GetQueryString、および "多数の他のフィールド" に関する処理に不備があるため、スタックベースのバッファーオーバーフローの脆弱性が存在します。
Possible impacts	第三者により、(1) 特定のクッキーの値、(2) 特定の追加パラメータを介して、任意のコードを実行される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	July 6, 2007, midnight
Registration Date	Dec. 20, 2012, 6:33 p.m.
Last Update	Dec. 20, 2012, 6:33 p.m.

CVSS2.0 : 危険
Score	7.5
Vector	AV:N/AC:L/Au:N/C:P/I:P/A:P

Affected System

SAP

sap db 7.3 から 7.5

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2007-3614	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3614
National Vulnerability Database (NVD)
2	CVE-2007-3614	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-3614

ベンダー情報

No	Name	URL
SAP
1	Top Page	http://www.sapdb.org/

その他

No	Name	URL
US-CERT Vulnerability Note
1	VU#679041	http://www.kb.cert.org/vuls/id/679041

Change Log

No	Changed Details	Date of change
0	[2012年12月20日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2007-3614

Summary	Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 through 7.5, allow remote attackers to execute arbitrary code via (1) a certain cookie value; (2) a certain additional parameter, related to sapdbwa_GetQueryString; and other unspecified vectors related to "numerous other fields."
Summary	Múltiples desbordamientos de búfer basado en pila en waHTTP.exe (también conocido como SAP DB Web Server) en SAP DB, posiblemente 7.3 hasta 7.5, permiten a atacantes remotos ejecutar código de su elección mediante (1) un valor determinado de cookie; (2) una parámetro adicional determinado, relativo a sapdbwa_GetQueryString; y otros vectores no especificados relativos a "otros muchos campos".
Publication Date	July 7, 2007, 4:30 a.m.
Registration Date	Jan. 29, 2021, 2:16 p.m.
Last Update	April 23, 2026, 9:35 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:sap:sap_db:7.3.00:::::::*
cpe:2.3:a:sap:sap_db:7.3.29:::::::*
cpe:2.3:a:sap:sap_db:7.4:::::::*
cpe:2.3:a:sap:sap_db:7.4.3:::::::*
cpe:2.3:a:sap:sap_db:7.4.3.7_beta:::::::*
cpe:2.3:a:sap:sap_db:7.4.03.29:::::::*
cpe:2.3:a:sap:sap_db:7.4.03.30:::::::*
cpe:2.3:a:sap:sap_db:7.5:::::::*

Related information, measures and tools

No	URL	refsource
1	http://osvdb.org/37838	cve@mitre.org
2	http://secunia.com/advisories/25954	cve@mitre.org
3	http://securityreason.com/securityalert/2867	cve@mitre.org
4	http://www.kb.cert.org/vuls/id/679041	cve@mitre.org
5	http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-sap-db-web-server-stack-overflow/	cve@mitre.org
6	http://www.securityfocus.com/archive/1/472891/100/0/threaded	cve@mitre.org
7	http://www.securityfocus.com/bid/24773	cve@mitre.org
8	http://www.securitytracker.com/id?1018341	cve@mitre.org
9	http://www.vupen.com/english/advisories/2007/2453	cve@mitre.org
10	https://exchange.xforce.ibmcloud.com/vulnerabilities/35277	cve@mitre.org
11	http://osvdb.org/37838	af854a3a-2127-422b-91ae-364da2661108
12	http://secunia.com/advisories/25954	af854a3a-2127-422b-91ae-364da2661108
13	http://securityreason.com/securityalert/2867	af854a3a-2127-422b-91ae-364da2661108
14	http://www.kb.cert.org/vuls/id/679041	af854a3a-2127-422b-91ae-364da2661108
15	http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-sap-db-web-server-stack-overflow/	af854a3a-2127-422b-91ae-364da2661108
16	http://www.securityfocus.com/archive/1/472891/100/0/threaded	af854a3a-2127-422b-91ae-364da2661108
17	http://www.securityfocus.com/bid/24773	af854a3a-2127-422b-91ae-364da2661108
18	http://www.securitytracker.com/id?1018341	af854a3a-2127-422b-91ae-364da2661108
19	http://www.vupen.com/english/advisories/2007/2453	af854a3a-2127-422b-91ae-364da2661108
20	https://exchange.xforce.ibmcloud.com/vulnerabilities/35277	af854a3a-2127-422b-91ae-364da2661108

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:sap:sap_db:7.3.00:::::::*
cpe:2.3:a:sap:sap_db:7.3.29:::::::*
cpe:2.3:a:sap:sap_db:7.4:::::::*
cpe:2.3:a:sap:sap_db:7.4.3:::::::*
cpe:2.3:a:sap:sap_db:7.4.3.7_beta:::::::*
cpe:2.3:a:sap:sap_db:7.4.03.29:::::::*
cpe:2.3:a:sap:sap_db:7.4.03.30:::::::*
cpe:2.3:a:sap:sap_db:7.5:::::::*