Stack-based Buffer Overflow in EnjoySAP SAP GUI
CVE-2007-3605

Currently unrated

Key Information:

Vendor: SAP

Status
Vendor
CVE Published: 6 July 2007

What is CVE-2007-3605?

A stack-based buffer overflow exists in the kweditcontrol.kwedit.1 ActiveX control found in the EnjoySAP SAP GUI. An attacker can execute arbitrary code on an affected system by passing a long argument to the PrepareToPostHTML function. Users of the SAP GUI for Windows are particularly at risk if they use this ActiveX control, because the flaw can be exploited remotely if it is not mitigated.

EPSS Score

86% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved
