High

DATE	CVE	VULNERABILITY TITLE	RISK
2008-02-06	CVE-2008-0621	Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SAP Sapgui, Saplpd and Sapsprint Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands. network low complexity sap CWE-119	7.5
2004-04-15	CVE-2003-1035	Unspecified vulnerability in SAP R 3 and Sapgui The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does. network low complexity sap	7.5