Lucene search

[email protected]CVE-2007-3605

HistoryJul 06, 2007 - 7:30 p.m.

CVE-2007-3605

2007-07-0619:30:00

[email protected]

web.nvd.nist.gov

cve

2007

3605

buffer overflow

kweditcontrol

activex

frontend

sapgui

kwedit.dll

enjoysap

sap gui

remote attackers

arbitrary code

preparetoposthtml

nvd

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.951 High

EPSS

Percentile

99.3%

JSON

Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP SAP GUI allows remote attackers to execute arbitrary code via a long argument to the PrepareToPostHTML function.

Affected configurations

NVD

Node

sapenjoysap

CPENameOperatorVersion
sap:enjoysapsap enjoysapeq*

CPE	Name	Operator	Version
sap:enjoysap	sap enjoysap	eq	*

References

osvdb.org/37690

secunia.com/advisories/25959

securityreason.com/securityalert/2873

www.ngssoftware.com/advisories/high-risk-vulnerability-in-enjoysap-stack-overflow/

www.securityfocus.com/archive/1/472887/100/0/threaded

www.securityfocus.com/bid/24772

www.securityfocus.com/bid/24776

www.vupen.com/english/advisories/2007/2449

exchange.xforce.ibmcloud.com/vulnerabilities/35267

www.exploit-db.com/exploits/4148

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.951 High

EPSS

Percentile

99.3%

JSON

Related for CVE-2007-3605

packetstorm1 checkpoint_advisories1 cvelist1 prion1 d21 nvd1