SAP Knowledge Base Article - Preview

1585966 - Code injection vulnerability in RSMSSPARTDRIV_FORMS v6.40


  • Include RSMSSPARTDRIV_FORMS allows to execute arbitrary program code of the user's choice.
  • A malicious user that has a valid and authenticated R/3 account can therefore inject and run his/her own code e.g. to escalate privileges by executing malicious code without legitimate own credentials, perform a denial of service (DoS) attack, etc.
  • SAP Note 1499206 does not list corrections for SAP_BASIS 640.



  • SAP NetWeaver 2004 Application Server for ABAP with SAP_BASIS Release 640


SAP NetWeaver 2004


RSMSSPARTDRIV, backdoor, vulnerabilities, security, credentials, injection, inject own code, run own code, malicious user, malicious code, escalate privileges, denial of service attack (DoS) , KBA , BC-DB-MSS , SQL Server in SAP NetWeaver Products , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.