The CMS CORBA listener in SAP BusinessObjects BI Edge 4.0 allows remote attackers to cause a denial of service (server shutdown) via crafted OSCAFactory::Session ORB message.