• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1506843

Главная Специалистам База уязвимостей Не установлено обновление Note 1506843

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1506843-3) SAP Support Packages (SAPKH31IB9, SAPKH40B89, SAPKH45B67, SAPKH46B62, SAPKH46C62, SAPKH47036, SAPKH50024, SAPKH60019, SAPKH60209, SAPKH60308, SAPKH60409, SAPKH60503, SAPKH60504)
Описание
1. The programs contained in the correction instructions contain  vulnerabilities through which a malicious user can potentially read arbitrary files on the remote server, possibly disclosing confidential information.
2. Some of the programs contained in the  correction instructions contain a vulnerability through which a  malicious user can potentially write arbitrary files on the remote server, possibly corrupting data or altering system behavior.
Как исправить
The following logical file names have been created in order to enable
the validation of physical file names:

FI_RFEBFILUM00_FILE
FI_RFIDATEB00_FILE
FI_RFEBBE00_FILE
FI_RFEBBE00_NACC_FILE
FI_RFEBBECODA00_FILE
FI_RFEBNO00_FILE
FI_RFESR000_FILE


Logical File Paths Used in this Solution
The logical file names listed above all use the logical file path
FI_FBZ_FILE_PATH
FI_FTE_FILE_PATH
FI_FBAS_FILE_PATH.
Ссылки