Insecure Method Vulnerability in SAP GUI ActiveX Control
CVE-2008-4830

Currently unrated

Key Information:

Vendor

SAP
Status
SAP Gui
Vendor
CVE Published:
16 April 2009

What is CVE-2008-4830?

The KWEdit ActiveX control within SAP GUI versions 6.40 Patch 29 and 7.10 Patch 5 contains an insecure method vulnerability that can be exploited by remote attackers. This vulnerability facilitates unauthorized file operations, allowing attackers to overwrite arbitrary files through the SaveDocumentAs method or to read and execute arbitrary files via the OpenDocument method. This presents a significant risk to confidentiality and integrity, making it important for users to implement mitigations.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/secunia_research/2008-56/
x_refsource_MISC
http://secunia.com/advisories/32869
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/502698/100/0/threaded
mailing-listx_refsource_BUGTRAQ

EPSS Score

62% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.