Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Производитель ПО
Наименование ПО
SAP Notes
(1556366-4)
SAP Support Packages
(SAP_JVM_41_SP005_000005, SAP_JVM_41_SP999999_999999, SAP_JVM_51_SP063_000063, SAP_JVM_51_SP999999_999999, SAP_JVM_61_SP023_000023, SAP_JVM_61_SP999999_999999, SAP_KERNEL_700_32_BIT_SP289_000289, SAP_KERNEL_700_32_BIT_SP999999_999999, SAP_KERNEL_700_32_BIT_UNICODE_SP289_000289, SAP_KERNEL_700_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_700_64_BIT_SP289_000289, SAP_KERNEL_700_64_BIT_SP999999_999999, SAP_KERNEL_700_64_BIT_UNICODE_SP289_000289, SAP_KERNEL_700_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_701_32_BIT_SP130_000130, SAP_KERNEL_701_32_BIT_SP999999_999999, SAP_KERNEL_701_32_BIT_UNICODE_SP130_000130, SAP_KERNEL_701_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_701_64_BIT_SP130_000130, SAP_KERNEL_701_64_BIT_SP999999_999999, SAP_KERNEL_701_64_BIT_UNICODE_SP130_000130, SAP_KERNEL_701_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_710_32_BIT_SP236_000236, SAP_KERNEL_710_32_BIT_SP999999_999999, SAP_KERNEL_710_32_BIT_UNICODE_SP236_000236, SAP_KERNEL_710_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_710_64_BIT_SP236_000236, SAP_KERNEL_710_64_BIT_SP999999_999999, SAP_KERNEL_710_64_BIT_UNICODE_SP236_000236, SAP_KERNEL_710_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_711_32_BIT_SP122_000122, SAP_KERNEL_711_32_BIT_SP999999_999999, SAP_KERNEL_711_32_BIT_UNICODE_SP122_000122, SAP_KERNEL_711_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_711_64_BIT_SP122_000122, SAP_KERNEL_711_64_BIT_SP999999_999999, SAP_KERNEL_711_64_BIT_UNICODE_SP122_000122, SAP_KERNEL_711_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_720_32_BIT_SP080_000080, SAP_KERNEL_720_32_BIT_SP999999_999999, SAP_KERNEL_720_32_BIT_UNICODE_SP080_000080, SAP_KERNEL_720_32_BIT_UNICODE_SP999999_999999, SAP_KERNEL_720_64_BIT_SP080_000080, SAP_KERNEL_720_64_BIT_SP999999_999999, SAP_KERNEL_720_64_BIT_UNICODE_SP080_000080, SAP_KERNEL_720_64_BIT_UNICODE_SP999999_999999, SAP_KERNEL_72L_64_BIT_UNICODE_SP035_000035, SAP_KERNEL_72L_64_BIT_UNICODE_SP999999_999999)
Описание
A malicious user can trigger a condition in which the process enters an infinite loop, causing it to consume all of the available processing time. This causes the entire machine to become unresponsive until the process is terminated manually. An malicious user can use this flaw to launch a denial of service (DoS) attack.
Как исправить
A solution to this issue is available with the following versions:
Products based on the Java Runtime Ennvironment running within the SAP VM Container: The solution is available with a kernel patch as mentioned in SP Patch Level.
Products based on the Java Runtime Environment of the SAP JVM: The solution is available with a fixed version of the SAP JVM as mentioned in SP Patch Level.
Products based on the Java Runtime Ennvironment running within the SAP VM Container: The solution is available with a kernel patch as mentioned in SP Patch Level.
Products based on the Java Runtime Environment of the SAP JVM: The solution is available with a fixed version of the SAP JVM as mentioned in SP Patch Level.
Ссылки