CVE-2015-2815
SAP NetWeaver KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) - Authenticated Buffer Overflow in C_SAPGPARAM
Title source: llmDescription
Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369.
References (5)
Core 5
Core References
Mailing List mailing-list
x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Jun/61
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/132353/SAP-NetWeaver-Dispatcher-Buffer-Overflow.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/535825/100/800/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/73897
Third Party Advisory x_refsource_misc
https://erpscan.io/advisories/erpscan-15-003-sapkernel-c_sapgparam-rce-dos/
Scores
EPSS
0.0346
EPSS Percentile
87.7%
Details
CWE
CWE-119
Status
published
Products (2)
sap/netweaver
7.0
sap/netweaver
7.40
Published
Apr 01, 2015
Tracked Since
Feb 18, 2026