Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1509800-4)
SAP Support Packages
(SAPKH31IB9, SAPKH40B89, SAPKH45B67, SAPKH46B62, SAPKH46C62, SAPKH47036, SAPKH50025, SAPKH60019, SAPKH60209, SAPKH60308, SAPKH60409, SAPKH60503, SAPKH60504)
Описание
Some of the programs contained in the correction instructions contain a vulnerability through which a malicious user can potentially write arbitrary files on the remote server, possibly corrupting data or altering system behavior.
Как исправить
Please refer to note 1497003 for additional information and instructions. The corrections from note 1497003 are a prerequisite for implementation of this note.
Logical File Names Used in this Solution
The following logical file names have been created in order to enable the validation of physical file names:
FI_RFEBKAT0_FILE
FI_RFEBKAT1_FILE
FI_RFEBKATX_FILE
FI_RFEBEST0_FILE
FI_RFEBLBT1_FILE
FI_RFEBLBT2_FILE
Programs using these logical file names this context:
RFEBKAT0
RFEBKAT1
RFEBKATX
RFEBEST0
RFEBLBT1
RFEBLBT2
Parameters used in this context:
<PARAM_1> Program name
Logical File Paths Used in this Solution
The logical file names listed above all use the logical file path FI_FTE_TEST_FILES.
Logical File Names Used in this Solution
The following logical file names have been created in order to enable the validation of physical file names:
FI_RFEBKAT0_FILE
FI_RFEBKAT1_FILE
FI_RFEBKATX_FILE
FI_RFEBEST0_FILE
FI_RFEBLBT1_FILE
FI_RFEBLBT2_FILE
Programs using these logical file names this context:
RFEBKAT0
RFEBKAT1
RFEBKATX
RFEBEST0
RFEBLBT1
RFEBLBT2
Parameters used in this context:
<PARAM_1> Program name
Logical File Paths Used in this Solution
The logical file names listed above all use the logical file path FI_FTE_TEST_FILES.
Ссылки