CVE-2003-1039

SAP mySAP Business Suite - Remote Code Execution via Long HTTP Host Header

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server.

References (2)

Core 2
Core References
Various Sources x_refsource_misc
http://www.phenoelit.de/stuff/Phenoelit20c3.pd
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15513

Scores

EPSS 0.0347
EPSS Percentile 87.7%

Details

Status published
Products (1)
sap/mysap_business_suite
Published Apr 15, 2004
Tracked Since Feb 18, 2026