CVE-2009-4988

Name of the Vulnerable Software and Affected Versions SAP Business One versions 6.80.123 through 6.80.320

Description The issue is a stack-based buffer overflow in NT Naming Service.exe, allowing remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000.

Recommendations For versions 6.80.123 through 6.80.320, consider restricting access to TCP port 30000 to minimize the risk of exploitation. As a temporary workaround, limit the length of GIOP requests to prevent buffer overflow until a patch is available.