High severity7.8NVD Advisory· Published May 10, 2017· Updated May 13, 2026

CVE-2017-8852

Description

SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted CAR archive file received from an untrusted remote source. The problem is that the length of data written is an arbitrary number found within the file. The vendor response is SAP Security Note 2441560.

Affected products

SAP/Sapcar
cpe:2.3:a:sap:sapcar:721.510:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.coresecurity.com/advisories/sap-sapcar-heap-based-buffer-overflow-vulnerabilitynvdExploitThird Party Advisory
www.securityfocus.com/bid/98350nvdThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/41991/nvd

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000