CVE-2007-6254: Buffer Overflow
First published: Thu Mar 20 2008(Updated: )
Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP BusinessObjects | <=6.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.kb.cert.org/vuls/id/MIMG-732R7X
- http://www.kb.cert.org/vuls/id/329673
- http://www.securityfocus.com/bid/28292
- http://www.securitytracker.com/id?1019668
- http://secunia.com/advisories/29437
- http://www.vupen.com/english/advisories/2008/0927/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41256
Frequently Asked Questions
What is the severity of CVE-2007-6254?
CVE-2007-6254 is considered to have a high severity due to the potential for remote code execution.
How do I fix CVE-2007-6254?
To fix CVE-2007-6254, upgrade to SAP Business Objects version 6.5 CHF74 or later.
What systems are affected by CVE-2007-6254?
CVE-2007-6254 affects SAP Business Objects versions prior to 6.5 CHF74.
Can CVE-2007-6254 be exploited remotely?
Yes, CVE-2007-6254 can be exploited remotely, allowing attackers to execute arbitrary code.
What types of attacks are associated with CVE-2007-6254?
CVE-2007-6254 is associated with stack-based buffer overflow attacks.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/author
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/sap
- canonical/sap businessobjects
- version/sap businessobjects/6.5