Release date:
Updated on:
Affected Systems:
Sap net Weaver 7.0
Description:
--------------------------------------------------------------------------------
Bugtraq id: 52101
SAP NetWeaver is the integrated technology platform of SAP and the technical foundation of all SAP applications since SAP Business Suite.
SAP NetWeaver has the XSS, directory traversal, and information leakage vulnerabilities. Attackers can exploit these vulnerabilities to execute arbitrary script code and steal information.
<* Source: Dmitriy Chastukhin
Link: http://dsecrg.com/pages/vul/show.php? Id = 413
Http://dsecrg.com/pages/vul/show.php? Id = 415
Http://dsecrg.com/pages/vul/show.php? Id = 416
Http://dsecrg.com/pages/vul/show.php? Id = 412
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
SAP
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.sap.com/platform/netweaver/index.epx