CVE-2003-0944

SAP DB < 7.4.03.29 - Remote Code Execution via WAECHO RequestURI Buffer Overflow

Title source: llm
STIX 2.1

Description

Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.

References (1)

Core 1
Core References
Exploit, Patch, Vendor Advisory vendor-advisory x_refsource_atstake
http://www.atstake.com/research/advisories/2003/a111703-2.txt

Scores

EPSS 0.0323
EPSS Percentile 87.2%

Details

Status published
Products (1)
sap/sap_db < 7.4.03.29
Published Dec 15, 2003
Tracked Since Feb 18, 2026