CVE-2007-6254

Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.kb.cert.org/vuls/id/MIMG-732R7X	Patch
http://www.kb.cert.org/vuls/id/329673	Exploit US Government Resource
http://www.securityfocus.com/bid/28292
http://www.securitytracker.com/id?1019668
http://secunia.com/advisories/29437	Vendor Advisory
http://www.vupen.com/english/advisories/2008/0927/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41256

Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:business_objects:*:*:*:*:*:*:*:*

Information

Published : 2008-03-19 17:44

Updated : 2017-08-07 18:29

NVD link : CVE-2007-6254

Mitre link : CVE-2007-6254

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

sap

business_objects

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.kb.cert.org/vuls/id/MIMG-732R7X", "name": "http://www.kb.cert.org/vuls/id/MIMG-732R7X", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.kb.cert.org/vuls/id/329673", "name": "VU#329673", "tags": ["Exploit", "US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.securityfocus.com/bid/28292", "name": "28292", "tags": [], "refsource": "BID"}, {"url": "http://www.securitytracker.com/id?1019668", "name": "1019668", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/29437", "name": "29437", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2008/0927/references", "name": "ADV-2008-0927", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41256", "name": "businessobjects-rptviewerax-bo(41256)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-119"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-6254", "ASSIGNER": "cert@cert.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2008-03-20T00:44Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:sap:business_objects:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "6.5"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-08T01:29Z"}

9.3 /10