Skip to main content
CVE-2013-4988 CRITICAL POC THREAT Emergency

Stack-based buffer overflow in IcoFX 2.5 and earlier allows remote attackers to execute arbitrary code via a long idCount value in an ICONDIR structure in an ICO file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 80.6%.

Buffer Overflow RCE Icofx
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
80.6%
Threat
5.8
CVE-2013-7095 CRITICAL Act Now

The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE SAP Customer Relationship Management
NVD
CVSS 2.0
10.0
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy