Lucene search

[email protected]CVE-2007-3605

HistoryJul 06, 2007 - 7:30 p.m.

CVE-2007-3605

2007-07-0619:30:00

[email protected]

web.nvd.nist.gov

cve

2007

3605

buffer overflow

kweditcontrol

activex

frontend

sapgui

kwedit.dll

enjoysap

sap gui

remote attackers

arbitrary code

preparetoposthtml

nvd

8 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.951 High

EPSS

Percentile

99.3%

JSON

Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP SAP GUI allows remote attackers to execute arbitrary code via a long argument to the PrepareToPostHTML function.

Affected configurations

NVD

Node

sapenjoysap

CPENameOperatorVersion
sap:enjoysapsap enjoysapeq*

CPE	Name	Operator	Version
sap:enjoysap	sap enjoysap	eq	*

References

osvdb.org/37690

secunia.com/advisories/25959

securityreason.com/securityalert/2873

www.ngssoftware.com/advisories/high-risk-vulnerability-in-enjoysap-stack-overflow/

www.securityfocus.com/archive/1/472887/100/0/threaded

www.securityfocus.com/bid/24772

www.securityfocus.com/bid/24776

www.vupen.com/english/advisories/2007/2449

exchange.xforce.ibmcloud.com/vulnerabilities/35267

www.exploit-db.com/exploits/4148

8 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.951 High

EPSS

Percentile

99.3%

JSON

Related for CVE-2007-3605

nvd1 checkpoint_advisories1 prion1 packetstorm1 cvelist1 d21