The Message Server component of SAP Netweaver is prone to a memory corruption vulnerability when the _MsJ2EE_AddStatistics function handles a specially crafted request with iflag value 0x0c MS_J2EE_SEND_TO_CLUSTERID, or 0x0d MS_J2EE_SEND_BROADCAST.
This vulnerability can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable server.
This vulnerability can be exploited by remote unauthenticated attackers to execute arbitrary code on the vulnerable server.
CVE Link
Exploit Type - Old
Exploits/Remote
Exploit Platform
Product Name