What is CVE-2007-3614?

CVE-2007-3614 is a vulnerability in N/a. Published 2007-07-06.

Is CVE-2007-3614 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2007-3614

Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 through 7.5, allow remote attackers to execute arbitrary code via (1) a certain cookie value; (2) a certain additional parameter, relat…

EPSS: 0.841 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

rapid7/metasploit-framework

References

www.ngssoftware.com/advisories/critical-risk-vulnerability-in-sap-db-web-server… (x_refsource_MISC)
1018341 (vdb-entry, x_refsource_SECTRACK)
sapdb-wahttp-bo(35277) (vdb-entry, x_refsource_XF)
24773 (vdb-entry, x_refsource_BID)
37838 (x_refsource_OSVDB, vdb-entry)
20070705 SAP DB Web Server Stack Overflow (mailing-list, x_refsource_BUGTRAQ)
2867 (x_refsource_SREASON, third-party-advisory)
VU#679041 (x_refsource_CERT-VN, third-party-advisory)
ADV-2007-2453 (vdb-entry, x_refsource_VUPEN)
25954 (x_refsource_SECUNIA, third-party-advisory)

Frequently asked questions

What is CVE-2007-3614?: CVE-2007-3614 is a vulnerability in N/a. Published 2007-07-06.
Is CVE-2007-3614 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.