Vulnerabilities > SAP > Internet Graphics Server > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-05-09 | CVE-2018-2420 | Unrestricted Upload of File with Dangerous Type vulnerability in SAP Internet Graphics Server SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file (including script files) without proper file format validation. | 7.5 |
2006-12-07 | CVE-2006-6345 | Directory Traversal vulnerability in SAP Internet Graphics Service Directory traversal vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earlier, and 7.00 Patchlevel 6 and earlier, allows remote attackers to delete arbitrary files via directory traversal sequences in an HTTP request. | 7.5 |
2006-08-14 | CVE-2006-4133 | Remote Buffer Overflow vulnerability in SAP Internet Graphics Server Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and earlier, and 7.00 and earlier, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via an HTTP request with an ADM:GETLOGFILE command and a long portwatcher argument, which triggers the overflow during error message construction when the _snprintf function returns a negative value that is used in a memcpy operation. | 7.5 |