3 matches found
CVE-2011-5154
The CVE-2011-5154 entry covers SAP GUI 6.4–7.2 with two vulnerable executables (SAPGui.exe and BExAnalyzer.exe). The issue is an untrusted search path that allows privilege escalation via a Trojan horse MFC80LOC.DLL in the current working directory, demonstrated by a directory containing a .sap f...
CVE-2023-49580
SAP GUI for Windows and SAP GUI for Java — affected: SAP_BASIS 755, 756, 757, 758. Unauthenticated attacker can access restricted/confidential information and can create Layout configurations in the ABAP List Viewer, causing mild impacts to integrity and availability (e.g., increased ABAP respons...
CVE-2021-21448
CVE-2021-21448 affects SAP GUI for Windows (version 7.60). The issue allows an attacker with local access and at least OS user privileges to spoof logon credentials for Application Server ABAP backend systems by manipulating client memory, potentially accessing restricted information. Exploitatio...