Unrated severityNVD Advisory· Published Nov 7, 2006· Updated Apr 23, 2026

CVE-2006-5784

Description

Unspecified vulnerability in enserver.exe in SAP Web Application Server 6.40 before patch 136 and 7.00 before patch 66 allows remote attackers to read arbitrary files via crafted data on a "3200+SYSNR" TCP port, as demonstrated by port 3201. NOTE: this issue can be leveraged by local users to access a named pipe as the SAPServiceJ2E user.

Affected products

SAP/Sap Web Application Server2 versions
cpe:2.3:a:sap:sap_web_application_server:6.40:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sap:sap_web_application_server:6.40:*:*:*:*:*:*:*
- cpe:2.3:a:sap:sap_web_application_server:7.00:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/22677nvdPatchVendor Advisory
www.vupen.com/english/advisories/2006/4318nvdVendor Advisory
securityreason.com/securityalert/1828nvd
www.securityfocus.com/archive/1/450394/100/0/threadednvd
www.securityfocus.com/archive/1/459499/100/0/threadednvd
www.securityfocus.com/bid/20877nvd
www.securitytracker.com/idnvd
exchange.xforce.ibmcloud.com/vulnerabilities/29982nvd
www.exploit-db.com/exploits/3291nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000