EnjoySAP SAP GUI ActiveX Control Arbitrary File Download

No description provided by source. $Id: enjoysapguicompdownload.rb 11189 2010-12-01 03:18:05Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing a...

EnjoySAP SAP GUI ActiveX Control Buffer Overflow

No description provided by source. $Id: enjoysapguipreparetoposthtml.rb 9525 2010-06-15 07:18:08Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...

EnjoySAP SAP GUI ActiveX Control Arbitrary File Download

This module allows remote attackers to place arbitrary files on a users file system by abusing the "CompDownload" method in the SAP KWEdit ActiveX Control kwedit.dll 6400.1.1.41. This module requires Metasploit: https://metasploit.com/download Current source:...

EnjoySAP SAP GUI - ActiveX Control Arbitrary File Download (Metasploit)

$Id: enjoysapguicompdownload.rb 11189 2010-12-01 03:18:05Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

EnjoySAP SAP GUI ActiveX Control Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'EnjoySAP SAP...

SAP GUI unauthorized access

KWEdit ActiveX has unsafe SaveDocumentAs method...

CVE-2008-4830

CVE-2008-4830 is an insecure method vulnerability in SAP GUI’s KWEdit ActiveX control (KWEDIT.DLL 6400.1.1.41 and 7100.1.1.43). The SaveDocumentAs method can allow an attacker to overwrite arbitrary files, and the OpenDocument method can read or execute arbitrary files on a remote host. Affected ...

SAP GUI KWEdit ActiveX控件不安全SaveDocumentAs()调用漏洞

BUGTRAQ ID: 34524 CVECAN ID: CVE-2008-4830 SAPgui是SAP软件的图形用户界面客户端。 SAPgui所捆绑的KWEdit ActiveX控件（KWEDIT.DLL）提供了不安全的SaveDocumentAs函数。如果用户受骗访问了恶意网页的话，该函数可能将 HTML文档保存到指定的位置。如果结合OpenDocument方式的话，远程攻击者就可以泄露任意文件的内容，或在用户系统上执行任意代码。 SAP Sapgui 7.10 Patch 5 SAP Sapgui 6.40 Patch 29 SAP ---...

EnjoySAP SAP GUI ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in SAP KWEdit ActiveX Control kwedit.dll 6400.1.1.41 provided by EnjoySAP GUI. By sending an overly long string to the "PrepareToPostHTML" method, an attacker may be able to execute arbitrary code. This module requires Metasploit:...