First published: Thu Dec 07 2006(Updated: )
Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain other unauthorized activities, related to "Undocumented Features." NOTE: it is possible that there are multiple issues. This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. This is likely a different issue than CVE-2006-4134.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SAP Internet Graphics Server | <=7.00_patch_3 | |
SAP Internet Graphics Server | <=6.40_patch_15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2006-6346 has been classified as a significant vulnerability that could result in denial of service and unauthorized access to sensitive information.
To remediate CVE-2006-6346, upgrade SAP Internet Graphics Service to version 6.40 Patchlevel 16 or 7.00 Patchlevel 4 or later.
Exploiting CVE-2006-6346 can lead to service shutdown and exposure of sensitive configuration files.
CVE-2006-6346 affects SAP Internet Graphics Service versions 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier.
Yes, CVE-2006-6346 can enable attackers to obtain sensitive information and perform unauthorized actions.