Published: 06/07/2007 Updated: 29/09/2017

CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9

VMScore: 765

Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Heap-based buffer overflow in the rfcguisink.rfcguisink.1 ActiveX control in the EnjoySAP SAP GUI, on systems using ASCII versions, allows remote malicious users to execute arbitrary code via a long first argument to the LaunchGui function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sap enjoysap

<!-- ======= Summary ======= Name: EnjoySAP, SAP GUI for Windows - Heap Overflow Release Date: 5 July 2007 Reference: NGS00482 Discover: Mark Litchfield <mark@ngssoftwarecom> Vendor: SAP Vendor Reference: SECRES-290 Systems Affected: All ASCII Versions Risk: High Status: Fixed ======== TimeLine ======== Discovered: 4 January 2007 Relea ...

NVD-CWE-Other http://www.securityfocus.com/bid/24776 http://www.securityfocus.com/bid/24777 http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-enjoysap-stack-overflow/http://secunia.com/advisories/25959 http://osvdb.org/37689 http://www.vupen.com/english/advisories/2007/2449 https://exchange.xforce.ibmcloud.com/vulnerabilities/35268 https://www.exploit-db.com/exploits/4149 https://nvd.nist.gov https://www.exploit-db.com/exploits/4149/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-3606

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect