SAP GUI EAI WebViewer3D ActiveX Stack Buffer Overflow
Publish date: 21 de julio de 2015
Gravedad: Crítico
Identificadores de CVE : CVE-2007-4475
Fecha recomendada: 21 de julio de 2015
Descripción
Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui before 7.10 Patch Level 9 allows remote attackers to execute arbitrary code via a long argument to the SaveViewToSessionFile method.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1003414
Trend Micro Deep Security DPI Rule Name: 1003414 - SAP GUI EAI WebViewer3D ActiveX Stack Buffer Overflow
Software y versión afectados
- sap sapgui 4.6
- sap sapgui 4.6a
- sap sapgui 4.6b
- sap sapgui 4.6c
- sap sapgui 4.6d
- sap sapgui 6.40
- sap sapgui 7.10