The Register® — Biting the hand that feeds IT

SAP upgrades foil buffer overflow flaws

Nick of time

Understand how application security is evolving

Security researchers have discovered a slew of vulnerabilities in enterprise software packages from SAP that create a means for hackers inject malware onto or crash vulnerable systems.

The vulnerabilities involve two ActiveX controls buffer overflow in EnjoySAP GUI and separate buffer overflow flaws in SAP's Message Server and SAP DB Web Server. Another bug leads to denial of service risks for firm's running SAP Web Application Server.

Fortunately all four sets of flaws, each discovered by Mark Litchfield of NGSSoftware, can be addressed by updating to the latest versions of SAP's software. ®

Join our expert panel in discussing application security

Don’t Miss

GoogleGoogle code cloud punts on-demand embarrassment

Fail and You Mountain View's Sarah Palin moment

open source 75Microsoft weighs next-phase in open-source support

Spring, PHP, and Apache sized up

iTunes logoiTunes minus the player: hack your Apple beats

Mac Secrets Dodge the shareware sledgehammer

OracleOracle plans cloud strategy

Exclusive Larry smells money in madness