Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2013-1592

A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code.

  • Published: Jan 23, 2020
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-1592
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 10
  • AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
sap / netweaver 2004s 2004s.x
sap / netweaver 7.01-sr1 7.01-sr1.x
sap / netweaver 7.02-sp06 7.02-sp06.x
sap / netweaver 7.30-sp04 7.30-sp04.x