PT-2017-18582 · Sap · Sapcar

Alberto Solino +2 · Published 2017-05-10 · Updated 2017-08-16 · CVE-2017-8852

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SAP SAPCAR version 721.510

Description: The issue is a heap-based buffer overflow that can be exploited with a crafted CAR archive file from an untrusted remote source. The problem arises because the length of data written is determined by an arbitrary number found within the file.

Recommendations: For SAP SAPCAR version 721.510, apply the fix as described in SAP Security Note 2441560.
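
The bug class in the description, a write length taken from the file, shown next to a bounds-checked form. This is an added example, not SAPCAR code or the vendor's fix; the record layout (4-byte little-endian length followed by the payload), the function names and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical record layout (NOT the real CAR format):
 * 4-byte little-endian payload length, then the payload bytes. */
#define HDR_LEN 4u
enum { BLK_OK = 0, BLK_TRUNCATED = -1, BLK_TOO_LARGE = -2 };

static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Flawed pattern: the copy size comes straight from the file, so a declared
 * length larger than the destination writes past the end of the buffer. */
size_t copy_block_unchecked(const uint8_t *in, uint8_t *out) {
    uint32_t n = rd_le32(in);
    memcpy(out, in + HDR_LEN, n);
    return n;
}

/* Hardened form: the declared length is checked against the bytes actually
 * present in the input and against the destination capacity before copying. */
int copy_block_checked(const uint8_t *in, size_t in_len,
                       uint8_t *out, size_t out_cap, size_t *written) {
    if (in_len < HDR_LEN) return BLK_TRUNCATED;
    uint32_t n = rd_le32(in);
    if (n > in_len - HDR_LEN) return BLK_TRUNCATED; /* length exceeds input */
    if (n > out_cap) return BLK_TOO_LARGE;          /* would overflow out */
    memcpy(out, in + HDR_LEN, n);
    *written = n;
    return BLK_OK;
}

/* Constructed sample records: valid, length beyond input, length beyond buffer. */
static const uint8_t SAMPLE_OK[] = {3, 0, 0, 0, 'a', 'b', 'c'};
static const uint8_t SAMPLE_SHORT[] = {64, 0, 0, 0, 'a', 'b', 'c'};
static const uint8_t SAMPLE_BIG[] = {12, 0, 0, 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};

int check_sample(const uint8_t *in, size_t in_len) {
    uint8_t out[8]; /* fixed-capacity destination */
    size_t written = 0;
    return copy_block_checked(in, in_len, out, sizeof out, &written);
}

int main(void) {
    printf("%d %d %d\n", check_sample(SAMPLE_OK, sizeof SAMPLE_OK),
           check_sample(SAMPLE_SHORT, sizeof SAMPLE_SHORT),
           check_sample(SAMPLE_BIG, sizeof SAMPLE_BIG));
    return 0;
}
```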

Exploit

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2017-8852

Affected Products

Sapcar