Dmitry Yudin

**Name of the Vulnerable Software and Affected Versions** SAP JAVA AS versions 7.2 through 7.4 **Description** The issue allows remote attackers to cause a denial of service, resulting in heap memory corruption and process crash, via a crafted HTTP request. This is related to the `IctParseCookies` function. **Recommendations** For SAP JAVA AS versions 7.2 through 7.4, consider applying the fix provided in SAP Security Note 2256185 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** SAP JAVA AS versions 7.2 through 7.4 **Description** The issue allows remote attackers to cause a denial of service, resulting in a process crash, via a crafted HTTP request. **Recommendations** For SAP JAVA AS versions 7.2 through 7.4, update to a version that contains a fix for this issue to prevent remote attackers from causing a denial of service.