Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and (2) BExAnalyzer.exe in SAP GUI 6.4 up to and including 7.2 allow local users to gain privileges via a Trojan horse MFC80LOC.DLL file in the current working directory, as demonstrated by a directory that contains a .sap file. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap graphical user interface 6.4 |
||
sap graphical user interface 7.2 |