CVE-2010-4556

Stack-based buffer overflow in the SapThemeRepository ActiveX control (sapwdpcd.dll) in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the (1) Load and (2) LoadTheme methods.

Published: Dec 17, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-4556
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
sap / netweaver_business_client	-	-

http://secunia.com/advisories/35796
http://www.securityfocus.com/bid/45396
http://www.securitytracker.com/id?1024890
http://www.vupen.com/english/advisories/2010/3239
http://www.zerodayinitiative.com/advisories/ZDI-10-290/
https://exchange.xforce.ibmcloud.com/vulnerabilities/64061
https://service.sap.com/sap/support/notes/1519966

Vulnerability Database

289,697

CVE-2010-4556