Lucene search
MitreCVE-2003-1036HistoryApr 15, 2004 - 4:00 a.m.
CVE-2003-1036
2004-04-1504:00:00
mitre
web.nvd.nist.gov
22
sap
agate
its
buffer overflows
cve-2003-1036
security vulnerability
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.024
Percentile
90.2%
Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (1) ~command, (2) ~runtimemode, or (3) ~session parameters, or (4) a long HTTP Content-Type header.
Affected configurations
Node
sapinternet_transaction_serverRange≤4.6_pl463
ORsapinternet_transaction_serverRange≤6.10_pl30
ORsapinternet_transaction_serverRange≤6.20_pl7
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sap | internet_transaction_server | * | cpe:2.3:a:sap:internet_transaction_server:*:*:*:*:*:*:*:* |
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.024
Percentile
90.2%
Related for CVE-2003-1036