CVE-2007-3624

Published: Jul 9, 2007Modified: Apr 23, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group.

Affected (1)

Products: Sap: Sap Message Server

Sap

1 product

Sap Message Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Sap Message Server	All versions

References (18)

http://marc.info/?l=bugtraq&m=118365794615827&w=2

Source: cve@mitre.org

http://osvdb.org/38096

Source: cve@mitre.org

http://secunia.com/advisories/25966

Source: cve@mitre.org

PatchVendor Advisory

http://securitytracker.com/id?1018340

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/305657

Source: cve@mitre.org

US Government Resource

http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-sap-message-server-heap-overflow/

Source: cve@mitre.org

http://www.securityfocus.com/bid/24765

Source: cve@mitre.org

Exploit

http://www.vupen.com/english/advisories/2007/2451

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/35279

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=118365794615827&w=2