ID CVE-2007-3605
Summary Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP SAP GUI allows remote attackers to execute arbitrary code via a long argument to the PrepareToPostHTML function.
References
Vulnerable Configurations
  • cpe:2.3:a:sap:enjoysap:*:*:*:*:*:*:*:*
    cpe:2.3:a:sap:enjoysap:*:*:*:*:*:*:*:*
CVSS
Base: 7.6 (as of 15-10-2018 - 21:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:C/I:C/A:C
refmap via4
bid
  • 24772
  • 24776
bugtraq 20070705 EnjoySAP, SAP GUI for Windows - Stack Overflow
exploit-db 4148
misc http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-enjoysap-stack-overflow/
osvdb 37690
secunia 25959
sreason 2873
vupen ADV-2007-2449
xf enjoysap-kweditcontrolkwedit1-bo(35267)
Last major update 15-10-2018 - 21:29
Published 06-07-2007 - 19:30
Last modified 15-10-2018 - 21:29
Back to Top