[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Correction to: ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability
On 8/11/2010 12:12 PM, ZDI Disclosures wrote:
The specific flaw exists within the ebus-3-3-2-6.dll module responsible for parsing GIOP requests for multiple processes.
Does this affect only version 22.214.171.124?
-- Vendor Response:
SAP has issued an update to correct this vulnerability. More details can be found at:
Do they have a public version of the advisory? This one seems to
require a login.