📦

business_objects

Vendor: sap

Actively Exploited 0 CISA KEV List

PoC / Exploits 1 Code Available

Total RCEs 1 Remote Access

Total CVEs 226 Total Indexed

Avg. EPSS 29.54% Exploit Prob.

Latest CVE CVE-2010-2103 May 27

Security Vulnerability Index

Page 1 / 23

4.3 CVSS

CVE-2010-2103

Exploit Found

Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administration console in Apache Axis2/Java 1.4.1, 1.5.1, and possibly other versions, as used in SAP Business Objects 12, 3com IMC, and possibly other products, allows remote attackers to inject arbitrary web script or HTML via the modules parameter. NOTE: some of these details are obtained from third party information.

EPSS: 26.90%

Severity: MEDIUM

May 27, 2010

9.3 CVSS

CVE-2007-6254

RCE

Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors.

EPSS: 32.18%

Severity: HIGH

Mar 20, 2008

Displaying 2 of 226 Total Entries

1 2 3 4 5 ... 23

Total 23 Sections