6 matches found
CVE-2008-0621
CVE-2008-0621 is a buffer-overflow vulnerability in SAPlpd (the SAP GUI print server) affecting SAPlpd 6.28 and earlier, included with SAP GUI 7.10 and SAPSprint before 1018. The issue arises when handling LPD commands (notably 0x01, 0x02, 0x03, 0x04, 0x05; related reports mention additional comm...
CVE-2007-4475
Summary: CVE-2007-4475 describes a stack-based buffer overflow in the EAI WebViewer3D ActiveX control (webviewer3d.dll) bundled with SAPgui. The vulnerability arises when processing a long argument to the SaveViewToSessionFile method, enabling remote code execution. Affected software/versions: SA...
CVE-2003-1035
CVE-2003-1035 describes a vulnerability in the default installation of SAP R/3 46C/D where remote attackers can bypass account lockout by using the RFC API instead of the SAPGUI to perform brute-force password guessing, since the SAPGUI lockout does not occur. The description notes that the RFC-b...
CVE-2008-0620
SAPlpd (SAPLPD) vulnerability CVE-2008-0620 affects SAPlpd in SAP GUI packages up to version 6.28/7.10 with SAPSprint prior to 1018. The issue arises when handling LPD commands: multiple buffer/overflow conditions are triggered by long parameters for commands 0x01–0x05, 0x31–0x35, potentially all...
CVE-2002-1579
The vulnerability CVE-2002-1579 affects SAP GUI (Sapgui) 4.6D. A remote attacker can cause a crash by connecting to a high-numbered port, triggering an “unknown connection data” error. The available documents confirm the affected product and the crash-inducing connection vector, with no details o...
CVE-2008-4387
The CVE concerns SAP GUI for Windows (SAPgui) component MDrmSap ActiveX (mdrmsap.dll). A buffer overflow in the ActiveX control, reportedly affected in version 3.5.1.635 (and possibly earlier), can be triggered during instantiation from Internet Explorer, enabling remote code execution with user ...