CVE-2018-2439 is a vulnerability in SAP Internet Graphics Server
Published on July 10, 2018
The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation (for example, where the request is validated for authenticity and validity) and under certain conditions, will process invalid requests. Several areas of the SAP Internet Graphics Server (IGS) did not require sufficient input validation. Namely, the SAP Internet Graphics Server (IGS) HTTP and RFC listener, SAP Internet Graphics Server (IGS) portwatcher when registering a portwatcher to the multiplexer and the SAP Internet Graphics Server (IGS) multiplexer had insufficient input validation and thus allowing a malformed data packet to cause a crash.
Products Associated with CVE-2018-2439
Want to know whenever a new CVE is published for SAP Internet Graphics Server? stack.watch will email you.
Affected Versions
SAP Internet Graphics Server (IGS):- Version = 7.20 is affected.
- Version = 7.20EXT is affected.
- Version = 7.45 is affected.
- Version = 7.49 is affected.
- Version = 7.53 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.