SB2018021610 - Multiple vulnerabilities in SAP Internet Graphics Server

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018021610

SB2018021610 - Multiple vulnerabilities in SAP Internet Graphics Server

Published: February 16, 2018

Security Bulletin ID SB2018021610
CSH Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 20% Medium 20% Low 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 vulnerabilities.


1) Information disclosure (CVE-ID: CVE-2018-2382)

CWE-ID: CWE-200 - Exposure of sensitive information to an unauthorized actor

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to storing of graphics in a controlled area. A remote attacker can obtain sensitive information.

2) Cross-site scripting (CVE-ID: CVE-2018-2383)

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear


The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.


3) NULL pointer dereference (CVE-ID: CVE-2018-2384)

CWE-ID: CWE-476 - NULL Pointer Dereference

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a NULL pointer dereference. A remote attacker can prevent legitimate users from accessing the application and cause the service to crash.

4) Divide by zero (CVE-ID: CVE-2018-2385)

CWE-ID: CWE-369 - Divide By Zero

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to a divide-by-zero. A remote attacker can prevent legitimate users from accessing the application and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

5) Memory corruption (CVE-ID: CVE-2018-2386)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to an out-of-bounds buffer overflow. A remote attacker can send an overly long argument, overflow a buffer and execute arbitrary code on the system or cause the application to crash.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


Remediation

Install update from vendor's website.

References