SAP Netweaver Message Server _MsJ2EE_AddStatistics Memory Corruption Exploit

The Message Server component of SAP Netweaver is prone to a memory corruption vulnerability when the _MsJ2EE_AddStatistics function handles a specially crafted request with iflag value 0x0c MS_J2EE_SEND_TO_CLUSTERID, or 0x0d MS_J2EE_SEND_BROADCAST. This vulnerability can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable server.
Exploit type: 
Vulnerabilty ID: 
Product Version: 
2013 R1
Released Date: 
Thursday, May 23, 2013 - 00:00