CVE-2010-4556

2010-12-1718:00:00

mitre

www.cve.org

8.1 High

AI Score

Confidence

High

0.215 Low

EPSS

Percentile

96.5%

JSON

Stack-based buffer overflow in the SapThemeRepository ActiveX control (sapwdpcd.dll) in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the (1) Load and (2) LoadTheme methods.

References

secunia.com/advisories/35796

www.securityfocus.com/bid/45396

www.securitytracker.com/id?1024890

www.vupen.com/english/advisories/2010/3239

www.zerodayinitiative.com/advisories/ZDI-10-290/

exchange.xforce.ibmcloud.com/vulnerabilities/64061

service.sap.com/sap/support/notes/1519966