3 matches found
SAP GUI ActiveX unauthorized access
EAI WebViewer2D, VSFlexGrid, SAPBExCommonResources components insecure method...
Update Protection against SAP GUI SAPBExCommonResources ActiveX Command Execution
A buffer overflow vulnerability has been reported in SAP GUI, the GUI client in SAP's 3-tier architecture of database, application server and client. The vulnerability exists in the SAP GUI SAPBExCommonResources ActiveX control. The vulnerability may allow remote attackers to execute arbitrary...
SAP GUI SAPBExCommonResources ActiveX控件不安全方式调用漏洞
SAPgui是SAP软件的图形用户界面客户端。 SAP GUI所安装的SAPBExCommonResources activeX控件没有正确地过滤传送给Execute调用方式的参数,用户受骗访问了恶意网页并向该方式传送了恶意参数就会导致执行任意代码。 SAP Sapgui 7.1 临时解决方法: 为clsid: A009C90D-814B-11D3-BA3E-080009D22344设置kill bit。 厂商补丁: SAP --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...