Description
Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.
References (6)
Core References
http://seclists.org/fulldisclosure/2015/May/50 (Exploit; mailing-list; x_refsource_fulldisc)
http://www.securityfocus.com/bid/74643 (Third Party Advisory, VDB Entry; vdb-entry; x_refsource_bid)
http://packetstormsecurity.com/files/131883/SAP-LZC-LZH-Compression-Denial-Of-Service.html (Exploit; x_refsource_misc)
http://www.securityfocus.com/archive/1/535535/100/0/threaded (Third Party Advisory, VDB Entry; mailing-list; x_refsource_bugtraq)
http://seclists.org/fulldisclosure/2015/May/96 (Exploit; mailing-list; x_refsource_fulldisc)
http://www.coresecurity.com/advisories/sap-lzc-lzh-compression-multiple-vulnerabilities (Exploit; x_refsource_misc)
Scores
EPSS: 0.0092
EPSS Percentile: 76.1%
Details
CWE: CWE-119
Status: published
Products (7)
sap/gui
sap/maxdb 7.5
sap/maxdb 7.6
sap/netweaver_abap_application_server
sap/netweaver_java_application_server
sap/netweaver_rfc_sdk
sap/rfc_library
Published: Jun 02, 2015
Tracked Since: Feb 18, 2026