http://nchovy.kr/security/cve xeraph@nchovy.kr ko CVE : NCHOVY 인터넷 스톰 센터 National Vulnerability Database http://nchovy.kr/security/cve/CVE-2012-2513 http://nchovy.kr/security/cve/CVE-2012-2513 The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. 2012-05-15T13:21:43+0900 2012-05-15T13:21:43+0900 National Vulnerability Database http://nchovy.kr/security/cve/CVE-2012-1804 http://nchovy.kr/security/cve/CVE-2012-1804 Progea Movicon before 11.3 allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted HTTP request. 2012-05-15T05:55:01+0900 2012-05-15T05:55:01+0900 National Vulnerability Database http://nchovy.kr/security/cve/CVE-2012-2277 http://nchovy.kr/security/cve/CVE-2012-2277 The IRM Server in EMC Documentum Information Rights Management 4.x before 4.7.0100 and 5.x before 5.0.1030 allows remote attackers to cause a denial of service (pvcontrol.exe process hang) via \n (line feed) characters in the Id fields of many "batch begin untethered" commands. 2012-05-15T07:55:01+0900 2012-05-15T07:55:01+0900 National Vulnerability Database http://nchovy.kr/security/cve/CVE-2012-2514 http://nchovy.kr/security/cve/CVE-2012-2514 The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. 2012-05-15T13:21:43+0900 2012-05-15T13:21:43+0900 National Vulnerability Database http://nchovy.kr/security/cve/CVE-2012-2612 http://nchovy.kr/security/cve/CVE-2012-2612 The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. 2012-05-15T13:21:43+0900 2012-05-15T13:21:43+0900 National Vulnerability Database http://nchovy.kr/security/cve/CVE-2012-2333 http://nchovy.kr/security/cve/CVE-2012-2333 Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted TLS packet that is not properly handled during a certain explicit IV calculation. 2012-05-15T07:55:03+0900 2012-05-15T07:55:03+0900 National Vulnerability Database http://nchovy.kr/security/cve/CVE-2012-2511 http://nchovy.kr/security/cve/CVE-2012-2511 The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. 2012-05-15T13:21:43+0900 2012-05-15T13:21:43+0900 National Vulnerability Database http://nchovy.kr/security/cve/CVE-2012-2611 http://nchovy.kr/security/cve/CVE-2012-2611 The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote attackers to execute arbitrary code via a crafted SAP Diag packet. 2012-05-15T13:21:43+0900 2012-05-15T13:21:43+0900