5 matches found
EnjoySAP SAP GUI ActiveX Control Arbitrary File Download
No description provided by source. $Id: enjoysapguicompdownload.rb 11189 2010-12-01 03:18:05Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing a...
EnjoySAP SAP GUI ActiveX Control Arbitrary File Download
This module allows remote attackers to place arbitrary files on a users file system by abusing the "CompDownload" method in the SAP KWEdit ActiveX Control kwedit.dll 6400.1.1.41. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2008-4830
creationtimestamp| type| source ---|---|--- 2010-12-01 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16493 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/enjoysapguicompdownload.rb 2025-02-06...
Secunia Research: SAP GUI KWEdit ActiveX Control "SaveDocumentAs()" Insecure Method
====================================================================== Secunia Research 15/04/2009 - SAP GUI KWEdit ActiveX Control "SaveDocumentAs" Insecure Method - ====================================================================== Table of Contents Affected...
CVE-2008-4830
CVE-2008-4830 is an insecure method vulnerability in SAP GUI’s KWEdit ActiveX control (KWEDIT.DLL 6400.1.1.41 and 7100.1.1.43). The SaveDocumentAs method can allow an attacker to overwrite arbitrary files, and the OpenDocument method can read or execute arbitrary files on a remote host. Affected ...