cvelistv5 - cve-2008-4830

CVE-2008-4830 (GCVE-0-2008-4830)

Vulnerability from cvelistv5

Published

2009-04-16 15:00

Modified

2024-08-07 10:31

Severity ?

CWE

Summary

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/32869	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2008-56/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/502698/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/34524
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1022062
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2009/1043	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32869	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2008-56/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/502698/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34524
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022062
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1043	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:31:27.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://secunia.com/secunia_research/2008-56/"
          },
          {
            "name": "32869",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32869"
          },
          {
            "name": "20090415 Secunia Research: SAP GUI KWEdit ActiveX Control \"SaveDocumentAs()\" Insecure Method",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/502698/100/0/threaded"
          },
          {
            "name": "ADV-2009-1043",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1043"
          },
          {
            "name": "34524",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/34524"
          },
          {
            "name": "1022062",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022062"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-04-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
        "shortName": "flexera"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://secunia.com/secunia_research/2008-56/"
        },
        {
          "name": "32869",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32869"
        },
        {
          "name": "20090415 Secunia Research: SAP GUI KWEdit ActiveX Control \"SaveDocumentAs()\" Insecure Method",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/502698/100/0/threaded"
        },
        {
          "name": "ADV-2009-1043",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1043"
        },
        {
          "name": "34524",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/34524"
        },
        {
          "name": "1022062",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022062"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2008-4830",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://secunia.com/secunia_research/2008-56/",
              "refsource": "MISC",
              "url": "http://secunia.com/secunia_research/2008-56/"
            },
            {
              "name": "32869",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/32869"
            },
            {
              "name": "20090415 Secunia Research: SAP GUI KWEdit ActiveX Control \"SaveDocumentAs()\" Insecure Method",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/502698/100/0/threaded"
            },
            {
              "name": "ADV-2009-1043",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1043"
            },
            {
              "name": "34524",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/34524"
            },
            {
              "name": "1022062",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022062"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "44d08088-2bea-4760-83a6-1e9be26b15ab",
    "assignerShortName": "flexera",
    "cveId": "CVE-2008-4830",
    "datePublished": "2009-04-16T15:00:00",
    "dateReserved": "2008-10-31T00:00:00",
    "dateUpdated": "2024-08-07T10:31:27.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-4830\",\"sourceIdentifier\":\"PSIRT-CNA@flexerasoftware.com\",\"published\":\"2009-04-16T15:12:57.297\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de m\u00e9todo inseguro en el control ActiveX KWEdit en SAP GUI v6.40 Patch 29 (KWEDIT.DLL v6400.1.1.41) y v7.10 Patch 5 (KWEDIT.DLL v7100.1.1.43) permite a atacantes remotos (1) sobreescribir ficheros de su elecci\u00f3n mediante el m\u00e9todo SaveDocumentAs o (2) leer y ejecutar ficheros de su elecci\u00f3n mediante el m\u00e9todo OpenDocument.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:sap_gui:6.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BF9DC88-FD31-4536-94E9-47A9198826B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:sap_gui:7.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62CFD60C-5DB5-4EFD-AFBB-773F6304FC5D\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/32869\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2008-56/\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/502698/100/0/threaded\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.securityfocus.com/bid/34524\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.securitytracker.com/id?1022062\",\"source\":\"PSIRT-CNA@flexerasoftware.com\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1043\",\"source\":\"PSIRT-CNA@flexerasoftware.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32869\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/secunia_research/2008-56/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/502698/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/34524\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1022062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

ghsa-mh5m-5r69-7g2f

Vulnerability from github

Published

2022-05-14 02:41

Modified

2025-04-09 04:08

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-4830"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-04-16T15:12:00Z",
    "severity": "HIGH"
  },
  "details": "Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.",
  "id": "GHSA-mh5m-5r69-7g2f",
  "modified": "2025-04-09T04:08:22Z",
  "published": "2022-05-14T02:41:05Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-4830"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/32869"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/secunia_research/2008-56"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/502698/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/34524"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022062"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2009/1043"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2008-4830

Vulnerability from fkie_nvd

Published

2009-04-16 15:12

Modified

2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
PSIRT-CNA@flexerasoftware.com	http://secunia.com/advisories/32869	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://secunia.com/secunia_research/2008-56/	Vendor Advisory
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/archive/1/502698/100/0/threaded
PSIRT-CNA@flexerasoftware.com	http://www.securityfocus.com/bid/34524
PSIRT-CNA@flexerasoftware.com	http://www.securitytracker.com/id?1022062
PSIRT-CNA@flexerasoftware.com	http://www.vupen.com/english/advisories/2009/1043	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/32869	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/secunia_research/2008-56/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/502698/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/34524
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022062
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/1043	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	sap	sap_gui	6.40
	sap	sap_gui	7.10

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sap:sap_gui:6.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BF9DC88-FD31-4536-94E9-47A9198826B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:sap_gui:7.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "62CFD60C-5DB5-4EFD-AFBB-773F6304FC5D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de m\u00e9todo inseguro en el control ActiveX KWEdit en SAP GUI v6.40 Patch 29 (KWEDIT.DLL v6400.1.1.41) y v7.10 Patch 5 (KWEDIT.DLL v7100.1.1.43) permite a atacantes remotos (1) sobreescribir ficheros de su elecci\u00f3n mediante el m\u00e9todo SaveDocumentAs o (2) leer y ejecutar ficheros de su elecci\u00f3n mediante el m\u00e9todo OpenDocument."
    }
  ],
  "id": "CVE-2008-4830",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2009-04-16T15:12:57.297",
  "references": [
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32869"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-56/"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/archive/1/502698/100/0/threaded"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securityfocus.com/bid/34524"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "url": "http://www.securitytracker.com/id?1022062"
    },
    {
      "source": "PSIRT-CNA@flexerasoftware.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/32869"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/secunia_research/2008-56/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/502698/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/34524"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1022062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/1043"
    }
  ],
  "sourceIdentifier": "PSIRT-CNA@flexerasoftware.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method. SAP AG SAPgui KWEdit ActiveX control is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows an attacker to execute arbitrary code in the context of the application running the affected control (typically Internet Explorer). This issue affects the following: SAPgui 6.40 Patch Level 29 with KWEDIT.DLL 6400.1.1.41 SAPgui 7.10 Patch Level 5 with KWEDIT.DLL 7100.1.1.43 Other versions may be vulnerable as well. ----------------------------------------------------------------------

Secunia is pleased to announce the release of the annual Secunia report for 2008. Other versions may also be affected.

ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2008-56/

SAP Note 1294913: https://service.sap.com/sap/support/notes/1294913

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

====================================================================== 2) Severity

Rating: Highly critical Impact: System compromise Where: Remote

====================================================================== 3) Vendor's Description of Software

"SAP GUI is SAP's universal client for accessing SAP functionality in SAP applications such as - SAP ERP, SAP Business Suite (SAP CRM, SAP SCM and SAP PLM), SAP Business Intelligence and so on. SAP GUI functions like a browser. It gets information from the SAP server like what, where, when and how, to display contents in its window.".

Product Link: https://www.sdn.sap.com/irj/sdn/sap-gui

====================================================================== 4) Description of Vulnerability

Secunia Research has discovered a security issue in SAP GUI, which can be exploited by malicious people to gain knowledge of sensitive information, corrupt files, or compromise a user's system.

The problem is that the bundled KWEdit ActiveX control (KWEDIT.DLL) provides the insecure method "SaveDocumentAs()", which saves an HTML document to a specified location. This can be exploited in combination with e.g.

====================================================================== 5) Solution

Update to the latest versions, which reportedly set the kill-bit for the ActiveX control.

====================================================================== 6) Time Table

28/11/2008 - Vendor notified. 28/11/2008 - Vendor response. 14/01/2009 - Vendor provides patch for testing. 16/01/2009 - Vendor informed that patch prevents exploitation. 02/03/2009 - Status update requested. 02/03/2009 - Vendor provides status update. 15/04/2009 - Public disclosure.

====================================================================== 7) Credits

Discovered by Carsten Eiram, Secunia Research.

====================================================================== 8) References

SAP Note 1294913: https://service.sap.com/sap/support/notes/1294913

The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2008-4830 for the vulnerability.

====================================================================== 9) About Secunia

Secunia offers vulnerability management solutions to corporate customers with verified and reliable vulnerability intelligence relevant to their specific system configuration:

http://secunia.com/advisories/business_solutions/

Secunia also provides a publicly accessible and comprehensive advisory database as a service to the security community and private individuals, who are interested in or concerned about IT-security.

http://secunia.com/advisories/

Secunia believes that it is important to support the community and to do active vulnerability research in order to aid improving the security and reliability of software in general:

http://secunia.com/secunia_research/

Secunia regularly hires new skilled team members. Check the URL below to see currently vacant positions:

http://secunia.com/corporate/jobs/

Secunia offers a FREE mailing list called Secunia Security Advisories:

http://secunia.com/advisories/mailing_lists/

====================================================================== 10) Verification

Please verify this advisory by visiting the Secunia website: http://secunia.com/secunia_research/2008-56/

Complete list of vulnerability reports published by Secunia Research: http://secunia.com/secunia_research/

======================================================================

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200904-0224",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "gui",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sap",
        "version": "6.40"
      },
      {
        "model": "gui",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sap",
        "version": "7.10"
      },
      {
        "model": "gui",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sap",
        "version": "6.40 patch 29 and  7.10 patch 5"
      },
      {
        "model": "ag sapgui patch level",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.105"
      },
      {
        "model": "ag sapgui patch level",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "6.4029"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "34524"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4830"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:sap:gui",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Carsten Eiram",
    "sources": [
      {
        "db": "BID",
        "id": "34524"
      },
      {
        "db": "PACKETSTORM",
        "id": "76690"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      }
    ],
    "trust": 1.0
  },
  "cve": "CVE-2008-4830",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2008-4830",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2008-4830",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2008-4830",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200904-336",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4830"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method. SAP AG SAPgui KWEdit ActiveX control is prone to a remote code-execution vulnerability. \nSuccessfully exploiting this issue allows an attacker to execute arbitrary code in the context of the application running the affected control (typically Internet Explorer). \nThis issue affects the following:\nSAPgui 6.40 Patch Level 29 with KWEDIT.DLL 6400.1.1.41\nSAPgui 7.10 Patch Level 5 with KWEDIT.DLL 7100.1.1.43\nOther versions may be vulnerable as well. ----------------------------------------------------------------------\n\nSecunia is pleased to announce the release of the annual Secunia\nreport for 2008. Other versions may also be affected. \n\nORIGINAL ADVISORY:\nSecunia Research:\nhttp://secunia.com/secunia_research/2008-56/\n\nSAP Note 1294913:\nhttps://service.sap.com/sap/support/notes/1294913\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\n====================================================================== \n2) Severity \n\nRating: Highly critical\nImpact: System compromise\nWhere:  Remote\n\n====================================================================== \n3) Vendor\u0027s Description of Software \n\n\"SAP GUI is SAP\u0027s universal client for accessing SAP functionality in\nSAP applications such as - SAP ERP, SAP Business Suite (SAP CRM, SAP\nSCM and SAP PLM), SAP Business Intelligence and so on. SAP GUI\nfunctions like a browser. It gets information from the SAP server like\nwhat, where, when and how, to display contents in its window.\". \n\nProduct Link:\nhttps://www.sdn.sap.com/irj/sdn/sap-gui\n\n====================================================================== \n4) Description of Vulnerability\n\nSecunia Research has discovered a security issue in SAP GUI, which can\nbe exploited by malicious people to gain knowledge of sensitive \ninformation, corrupt files, or compromise a user\u0027s system. \n\nThe problem is that the bundled KWEdit ActiveX control (KWEDIT.DLL) \nprovides the insecure method \"SaveDocumentAs()\", which saves an HTML \ndocument to a specified location. This can be exploited in combination\nwith e.g. \n\n====================================================================== \n5) Solution \n\nUpdate to the latest versions, which reportedly set the kill-bit for \nthe ActiveX control. \n\n====================================================================== \n6) Time Table \n\n28/11/2008 - Vendor notified. \n28/11/2008 - Vendor response. \n14/01/2009 - Vendor provides patch for testing. \n16/01/2009 - Vendor informed that patch prevents exploitation. \n02/03/2009 - Status update requested. \n02/03/2009 - Vendor provides status update. \n15/04/2009 - Public disclosure. \n\n====================================================================== \n7) Credits \n\nDiscovered by Carsten Eiram, Secunia Research. \n\n====================================================================== \n8) References\n\nSAP Note 1294913:\nhttps://service.sap.com/sap/support/notes/1294913\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned \nCVE-2008-4830 for the vulnerability. \n\n====================================================================== \n9) About Secunia\n\nSecunia offers vulnerability management solutions to corporate\ncustomers with verified and reliable vulnerability intelligence\nrelevant to their specific system configuration:\n\nhttp://secunia.com/advisories/business_solutions/\n\nSecunia also provides a publicly accessible and comprehensive advisory\ndatabase as a service to the security community and private \nindividuals, who are interested in or concerned about IT-security. \n\nhttp://secunia.com/advisories/\n\nSecunia believes that it is important to support the community and to\ndo active vulnerability research in order to aid improving the \nsecurity and reliability of software in general:\n\nhttp://secunia.com/secunia_research/\n\nSecunia regularly hires new skilled team members. Check the URL below\nto see currently vacant positions:\n\nhttp://secunia.com/corporate/jobs/\n\nSecunia offers a FREE mailing list called Secunia Security Advisories:\n\nhttp://secunia.com/advisories/mailing_lists/\n\n====================================================================== \n10) Verification \n\nPlease verify this advisory by visiting the Secunia website:\nhttp://secunia.com/secunia_research/2008-56/\n\nComplete list of vulnerability reports published by Secunia Research:\nhttp://secunia.com/secunia_research/\n\n======================================================================\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-4830"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      },
      {
        "db": "BID",
        "id": "34524"
      },
      {
        "db": "PACKETSTORM",
        "id": "76718"
      },
      {
        "db": "PACKETSTORM",
        "id": "76690"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-4830",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "34524",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "32869",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1022062",
        "trust": 1.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2009-1043",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299",
        "trust": 0.8
      },
      {
        "db": "BUGTRAQ",
        "id": "20090415 SECUNIA RESEARCH: SAP GUI KWEDIT ACTIVEX CONTROL \"SAVEDOCUMENTAS()\" INSECURE METHOD",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-336",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "76718",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "76690",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "34524"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      },
      {
        "db": "PACKETSTORM",
        "id": "76718"
      },
      {
        "db": "PACKETSTORM",
        "id": "76690"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4830"
      }
    ]
  },
  "id": "VAR-200904-0224",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.212367725
  },
  "last_update_date": "2024-11-23T22:50:02.037000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SAP GUI",
        "trust": 0.8,
        "url": "http://help.sap.com/saphelp_smehp1/helpdata/ja/4f/472e42e1ef5633e10000000a155106/content.htm"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-Other",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4830"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://secunia.com/secunia_research/2008-56/"
      },
      {
        "trust": 1.6,
        "url": "http://www.vupen.com/english/advisories/2009/1043"
      },
      {
        "trust": 1.6,
        "url": "http://www.securitytracker.com/id?1022062"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/34524"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/32869"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/archive/1/502698/100/0/threaded"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4830"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-4830"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/archive/1/archive/1/502698/100/0/threaded"
      },
      {
        "trust": 0.5,
        "url": "https://service.sap.com/sap/support/notes/1294913"
      },
      {
        "trust": 0.3,
        "url": "http://support.microsoft.com/kb/240797"
      },
      {
        "trust": 0.3,
        "url": "http://www.sap.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/502698"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/32869/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/try_vi/request_2008_report/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_research/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/corporate/jobs/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/mailing_lists/"
      },
      {
        "trust": 0.1,
        "url": "https://www.sdn.sap.com/irj/sdn/sap-gui"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/business_solutions/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2008-4830"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "34524"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      },
      {
        "db": "PACKETSTORM",
        "id": "76718"
      },
      {
        "db": "PACKETSTORM",
        "id": "76690"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4830"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "34524"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      },
      {
        "db": "PACKETSTORM",
        "id": "76718"
      },
      {
        "db": "PACKETSTORM",
        "id": "76690"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-4830"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2009-04-15T00:00:00",
        "db": "BID",
        "id": "34524"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      },
      {
        "date": "2009-04-16T12:47:33",
        "db": "PACKETSTORM",
        "id": "76718"
      },
      {
        "date": "2009-04-15T21:04:55",
        "db": "PACKETSTORM",
        "id": "76690"
      },
      {
        "date": "2009-04-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      },
      {
        "date": "2009-04-16T15:12:57.297000",
        "db": "NVD",
        "id": "CVE-2008-4830"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2010-12-03T13:55:00",
        "db": "BID",
        "id": "34524"
      },
      {
        "date": "2012-12-20T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      },
      {
        "date": "2009-04-28T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      },
      {
        "date": "2024-11-21T00:52:40.567000",
        "db": "NVD",
        "id": "CVE-2008-4830"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SAP GUI of  KWEdit ActiveX Vulnerability to overwrite arbitrary files in Control",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2009-005299"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200904-336"
      }
    ],
    "trust": 0.6
  }
}

gsd-2008-4830

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2008-4830

Aliases

CVE-2008-4830

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-4830",
    "description": "Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.",
    "id": "GSD-2008-4830",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2008-4830"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-4830"
      ],
      "details": "Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.",
      "id": "GSD-2008-4830",
      "modified": "2023-12-13T01:22:59.503437Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
        "ID": "CVE-2008-4830",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://secunia.com/secunia_research/2008-56/",
            "refsource": "MISC",
            "url": "http://secunia.com/secunia_research/2008-56/"
          },
          {
            "name": "32869",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/32869"
          },
          {
            "name": "20090415 Secunia Research: SAP GUI KWEdit ActiveX Control \"SaveDocumentAs()\" Insecure Method",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/502698/100/0/threaded"
          },
          {
            "name": "ADV-2009-1043",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2009/1043"
          },
          {
            "name": "34524",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/34524"
          },
          {
            "name": "1022062",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022062"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sap:sap_gui:6.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:sap_gui:7.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "PSIRT-CNA@flexerasoftware.com",
          "ID": "CVE-2008-4830"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "34524",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/34524"
            },
            {
              "name": "ADV-2009-1043",
              "refsource": "VUPEN",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2009/1043"
            },
            {
              "name": "32869",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/32869"
            },
            {
              "name": "http://secunia.com/secunia_research/2008-56/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/secunia_research/2008-56/"
            },
            {
              "name": "1022062",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1022062"
            },
            {
              "name": "20090415 Secunia Research: SAP GUI KWEdit ActiveX Control \"SaveDocumentAs()\" Insecure Method",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/502698/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2018-10-11T20:52Z",
      "publishedDate": "2009-04-16T15:12Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2008-4830 (GCVE-0-2008-4830)

Vulnerability from cvelistv5

ghsa-mh5m-5r69-7g2f

Vulnerability from github

fkie_cve-2008-4830

Vulnerability from fkie_nvd

var-200904-0224

Vulnerability from variot

gsd-2008-4830

Vulnerability from gsd

Tags

Sightings

Nomenclature