Description
SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error.
Product(s):
- SAP SAPGUI 4.6 for Windows
- SAP SAPGUI 4.6A for Windows
- SAP SAPGUI 4.6B for Windows
- SAP SAPGUI 4.6c for Windows
- SAP SAPGUI 4.6d for Windows
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2002-1579, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2002-1579 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.