EnjoySAP SAP GUI ActiveX Control Arbitrary File Download

This module allows remote attackers to place arbitrary files on a users file system by abusing the "CompDownload" method in the SAP KWEdit ActiveX Control kwedit.dll 6400.1.1.41. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2007-3605

CVE-2007-3605 is a stack-based buffer overflow in SAP GUI’s EnjoySAP KWEdit ActiveX (kwedit.dll) that allows remote code execution via a too-long argument to PrepareToPostHTML. Public references mention kwedit.dll (version 6400.1.1.41 in the Metasploit module) and an exploit presence (Exploit-DB ...

CVE-2007-3605

Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP SAP GUI allows remote attackers to execute arbitrary code via a long argument to the PrepareToPostHTML function...

EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow (PoC)

Vendor: SAP Vendor Reference: SECRES-289 Systems Affected: All Versions Risk: High Status: Fixed ======== TimeLine ======== Discovered: 4 January 2007 Released: 19 January 2007 Approved: 29 January 2007 Reported: 11 January 2007 Fixed: 18 May 2007 Published: =========== Description ===========...