Dmitry Yudin

Researcher fromERPScan
#17862of 53,632
15Total CVSS
Vulnerabilities · 2
High
2
PT-2016-5789
7.5
2016-04-08
Sap · Sap As Java · CVE-2016-3979
**Name of the Vulnerable Software and Affected Versions** SAP JAVA AS versions 7.2 through 7.4 **Description** The issue allows remote attackers to cause a denial of service, resulting in heap memory corruption and process crash, via a crafted HTTP request. This is related to the `IctParseCookies` function. **Recommendations** For SAP JAVA AS versions 7.2 through 7.4, consider applying the fix provided in SAP Security Note 2256185 to resolve the issue.
PT-2016-5790
7.5
2016-04-08
Sap · Sap As Java · CVE-2016-3980
**Name of the Vulnerable Software and Affected Versions** SAP JAVA AS versions 7.2 through 7.4 **Description** The issue allows remote attackers to cause a denial of service, resulting in a process crash, via a crafted HTTP request. **Recommendations** For SAP JAVA AS versions 7.2 through 7.4, update to a version that contains a fix for this issue to prevent remote attackers from causing a denial of service.