Vulnerabilities > CVE-2007-3615 - Unspecified vulnerability in SAP products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote attackers to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related to configuration of a web cache.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 1 | |
| Application | 6 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html
- http://archives.neohapsis.com/archives/fulldisclosure/2007-07/0105.html
- http://osvdb.org/38095
- http://osvdb.org/38095
- http://secunia.com/advisories/25964
- http://secunia.com/advisories/25964
- http://securityreason.com/securityalert/2875
- http://securityreason.com/securityalert/2875
- http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/
- http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-internet-communication-manager-dos/
- http://www.securityfocus.com/archive/1/472890/100/0/threaded
- http://www.securityfocus.com/archive/1/472890/100/0/threaded
- http://www.securityfocus.com/bid/24774
- http://www.securityfocus.com/bid/24774
- http://www.securitytracker.com/id?1018336
- http://www.securitytracker.com/id?1018336
- http://www.vupen.com/english/advisories/2007/2450
- http://www.vupen.com/english/advisories/2007/2450
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35278
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35278