NVD Vulnerability Detail

CVE-2015-2278

Summary	The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.
Publication Date	June 2, 2015, 11:59 p.m.
Registration Date	Jan. 26, 2021, 2:47 p.m.
Last Update	Nov. 21, 2024, 11:27 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:sap:maxdb:7.5:::::::*
cpe:2.3:a:sap:gui:-:::::::*
cpe:2.3:a:sap:maxdb:7.6:::::::*
cpe:2.3:a:sap:netweaver_java_application_server:-:::::::*
cpe:2.3:a:sap:netweaver_abap_application_server:-:::::::*
cpe:2.3:a:sap:netweaver_rfc_sdk:-:::::::*
cpe:2.3:a:sap:rfc_library::::::::

Related information, measures and tools

No	URL	タグ
1	http://packetstormsecurity.com/files/131883/SAP-LZC-LZH-Compression-Denial-Of-Service.html	Exploit
2	http://packetstormsecurity.com/files/131883/SAP-LZC-LZH-Compression-Denial-Of-Service.html	Exploit
3	http://seclists.org/fulldisclosure/2015/May/50	Exploit
4	http://seclists.org/fulldisclosure/2015/May/50	Exploit
5	http://seclists.org/fulldisclosure/2015/May/96	Exploit
6	http://seclists.org/fulldisclosure/2015/May/96	Exploit
7	http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities	Exploit
8	http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities	Exploit
9	http://www.securityfocus.com/archive/1/535535/100/0/threaded
10	http://www.securityfocus.com/archive/1/535535/100/0/threaded
11	http://www.securityfocus.com/bid/74643
12	http://www.securityfocus.com/bid/74643

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-119	バッファエラー	https://cwe.mitre.org/data/definitions/118.html

JVN Vulnerability Information

複数の SAP 製品の LZH 解凍の実装におけるサービス運用妨害 (DoS) の脆弱性

Title	複数の SAP 製品の LZH 解凍の実装におけるサービス運用妨害 (DoS) の脆弱性
Summary	複数の SAP 製品の LZH 解凍の実装 (vpa108csulzh.cpp の CsObjectInt::BuildHufTree 関数) には、non-simple コードのルックアップに関する処理に不備があるため、サービス運用妨害 (out-of-bounds read) 状態にされる脆弱性が存在します。ベンダは、本脆弱性を SAP Security Note 2124806、2121661、2127995、および 2125316 として公開しています。
Possible impacts	攻撃者により、サービス運用妨害 (out-of-bounds read) 状態にされる可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	May 12, 2015, midnight
Registration Date	June 4, 2015, 2:09 p.m.
Last Update	June 4, 2015, 2:09 p.m.

Affected System

SAP

SAP GUI

SAP MaxDB 7.5

SAP MaxDB 7.6

SAP Netweaver Application Server ABAP

SAP Netweaver Application Server Java

SAP NetWeaver RFC SDK 　

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2015-2278	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2278
National Vulnerability Database (NVD)
2	CVE-2015-2278	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2278

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-119	https://jvndb.jvn.jp/ja/cwe/CWE-119.html

ベンダー情報

No	Name	URL
Acknowledgments to Security Researchers
1	SAP Security Note 2124806/2121661/2127995/2125316	http://scn.sap.com/docs/DOC-55451

その他

No	Name	URL
関連文書
1	SAP LZC LZH Compression Multiple Vulnerabilities	http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities

Change Log

No	Changed Details	Date of change
0	[2015年06月04日] 掲載	Feb. 17, 2018, 10:37 a.m.

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:sap:maxdb:7.5:::::::*
cpe:2.3:a:sap:gui:-:::::::*
cpe:2.3:a:sap:maxdb:7.6:::::::*
cpe:2.3:a:sap:netweaver_java_application_server:-:::::::*
cpe:2.3:a:sap:netweaver_abap_application_server:-:::::::*
cpe:2.3:a:sap:netweaver_rfc_sdk:-:::::::*
cpe:2.3:a:sap:rfc_library::::::::