cve/2018/CVE-2018-2392.md

CVE-2018-2392

Description

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.

POC

Reference

• https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/ARPSyndicate/kenzer-templates
• https://github.com/Vladimir-Ivanov-Git/sap_igs_xxe
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/hectorgie/PoC-in-GitHub