Published: 06/07/2007 Updated: 15/10/2018

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

VMScore: 770

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP SAP GUI allows remote malicious users to execute arbitrary code via a long argument to the PrepareToPostHTML function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap enjoysap

<!-- ======= Summary ======= Name: EnjoySAP, SAP GUI for Windows - Stack Overflow Release Date: 5 July 2007 Reference: NGS00483 Discover: Mark Litchfield <mark@ngssoftwarecom> Vendor: SAP Vendor Reference: SECRES-289 Systems Affected: All Versions Risk: High Status: Fixed ======== TimeLine ======== Discovered: 4 January 2007 Released: ...

## # $Id: enjoysapgui_preparetoposthtmlrb 9525 2010-06-15 07:18:08Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf ...

NVD-CWE-Other http://www.securityfocus.com/bid/24772 http://www.securityfocus.com/bid/24776 http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-enjoysap-stack-overflow/http://secunia.com/advisories/25959 http://securityreason.com/securityalert/2873 http://osvdb.org/37690 http://www.vupen.com/english/advisories/2007/2449 https://exchange.xforce.ibmcloud.com/vulnerabilities/35267 https://www.exploit-db.com/exploits/4148 http://www.securityfocus.com/archive/1/472887/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/4148/

CVE-2007-3605

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect