Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Possible execution of arbitrary commands in RFC SDK tools, SAP security note 1481923

Description

An attacker can exploit a memory corruption in the tools of the RFC SDK on the client to
change the program run so that arbitrary commands are executed.
   As a result, all data of this tool
can be seen, deleted or changed.

Available fix and Supported packages

  • SAP_BASIS | 46A | 46D
  • SAP_BASIS | 610 | 640
  • SAP_BASIS | 700 | 702

Affected component

    BC-MID-RFC
    RFC

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1481923

TAGS

#Buffer-overflow
#buffer-overrun
#remote-code-execution

More to explorer