Insecure Method Vulnerability in SAP GUI ActiveX Control
CVE-2008-4830
Currently unrated
What is CVE-2008-4830?
The KWEdit ActiveX control within SAP GUI versions 6.40 Patch 29 and 7.10 Patch 5 contains an insecure method vulnerability that can be exploited by remote attackers. This vulnerability facilitates unauthorized file operations, allowing attackers to overwrite arbitrary files through the SaveDocumentAs method or to read and execute arbitrary files via the OpenDocument method. This presents a significant risk to confidentiality and integrity, making it important for users to implement mitigations.