EnjoySAP SAP GUI ActiveX Control Arbitrary File Download Vulnerability
危険度: 緊急
CVE識別番号: CVE-2008-4830
情報公開日: 7 21, 2015
概要
Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1006148
Trend Micro Deep Security DPI Rule Name: 1006148 - EnjoySAP SAP GUI ActiveX Control Arbitrary File Download Vulnerability
影響を受けるソフトウェア
- sap sap_gui 6.40
- sap sap_gui 7.10