SAP Netweaver DiagTraceR3Info Remote Buffer Overflow Exploit

The DiagTraceR3Info function of the disp+work.exe component of SAP Netweaver is prone to a remote buffer overflow when the work process trace level is set to values 2 or 3 for the Dialog Processor component. This vulnerability can be exploited to execute arbitrary code on the vulnerable machine by sending a specially crafted packet containing ST_R3INFO CODEPAGE items.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2012-2611
Product Version: 
12.3
Released Date: 
Friday, May 18, 2012 - 00:00