QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2015-2278

Back to search

CVE-2015-2278

Published: Jun 2, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-dependent attackers to cause a denial of service (out-of-bounds read) via unspecified vectors, related to look-ups of non-simple codes, aka SAP Security Note 2124806, 2121661, 2127995, and 2125316.

VendorProductVersions

n/a

n/a

affected
n/a

References

74643
vdb-entry
x_refsource_BID
20150522 SAP Security Notes May 2015
mailing-list
x_refsource_FULLDISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now