4.6

CVE-2006-5784

EPSS 3.91%
Published 07.11.2006 23:07:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Unspecified vulnerability in enserver.exe in SAP Web Application Server 6.40 before patch 136 and 7.00 before patch 66 allows remote attackers to read arbitrary files via crafted data on a "3200+SYSNR" TCP port, as demonstrated by port 3201. NOTE: this issue can be leveraged by local users to access a named pipe as the SAPServiceJ2E user.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

SAP ≫ Sap Web Application Server Version6.40

SAP ≫ Sap Web Application Server Version7.00

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.91%	0.878

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/22677

Patch

Vendor Advisory

http://securityreason.com/securityalert/1828

http://www.securityfocus.com/archive/1/450394/100/0/threaded

http://www.securityfocus.com/archive/1/459499/100/0/threaded

http://www.securityfocus.com/bid/20877

http://www.securitytracker.com/id?1017628

http://www.vupen.com/english/advisories/2006/4318

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/29982

https://www.exploit-db.com/exploits/3291

https://nvd.nist.gov/vuln/detail/CVE-2006-5784

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5784

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5784

EUVD