CVE-2016-5845
MEDIUMSAP SAPCAR - DoS
Title source: llmDescription
SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Core Security · textdoslinux
https://www.exploit-db.com/exploits/40230
References (7)
Scores
CVSS v3
5.5
EPSS
0.0196
EPSS Percentile
83.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Classification
Status
draft
Affected Products (1)
sap/sapcar
Timeline
Published
Aug 13, 2016
Tracked Since
Feb 18, 2026