CVE-2015-2278
SAP GUI - Denial of Service via LZH Decompression Out-of-Bounds Read
The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.
References (6)
Exploit, mailing-list, x_refsource_fulldisc: http://seclists.org/fulldisclosure/2015/May/50
Third Party Advisory, VDB Entry, vdb-entry, x_refsource_bid: http://www.securityfocus.com/bid/74643
Exploit, x_refsource_misc: http://packetstormsecurity.com/files/131883/SAP-LZC-LZH-Compression-Denial-Of-Service.html
Third Party Advisory, VDB Entry, mailing-list, x_refsource_bugtraq: http://www.securityfocus.com/archive/1/535535/100/0/threaded
Exploit, mailing-list, x_refsource_fulldisc: http://seclists.org/fulldisclosure/2015/May/96
Exploit, x_refsource_misc: http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities
Scores
EPSS: 0.0072
EPSS Percentile: 72.7%
Details
CWE: CWE-119
Status: published
Products (7)
sap/gui
sap/maxdb 7.5
sap/maxdb 7.6
sap/netweaver_abap_application_server
sap/netweaver_java_application_server
sap/netweaver_rfc_sdk
sap/rfc_library
Published: Jun 02, 2015
Tracked Since: Feb 18, 2026