Unrated severityNVD Advisory· Published Aug 15, 2012· Updated Jun 16, 2026
CVE-2012-4341
CVE-2012-4341
Description
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a package with opcode 0x43 and sub opcode 0x4 to TCP port 3900.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:sap:netweaver_abap:7.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:sap:netweaver_abap:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_abap:7.02:sp6:*:*:*:*:*:*
- cpe:2.3:a:sap:netweaver_abap:7.03:sp4:*:*:*:*:*:*
- (no CPE)range: 7.x
Patches
Vulnerability mechanics
References
8- secunia.com/advisories/49744nvdVendor Advisory
- scn.sap.com/docs/DOC-8218nvd
- www.securitytracker.com/idnvd
- www.zerodayinitiative.com/advisories/ZDI-12-104/nvd
- www.zerodayinitiative.com/advisories/ZDI-12-111/nvd
- www.zerodayinitiative.com/advisories/ZDI-12-112/nvd
- service.sap.com/sap/support/notes/1649838nvd
- websmp230.sap-ag.de/sap%28bD1lbiZjPTAwMQ==%29/bc/bsp/spn/sapnotes/index2.htmnvd
News mentions
0No linked articles in our index yet.