CVE-2007-3606

Опубликовано: 06 июл. 2007

Источник: nvd

CVSS2: 7.6

EPSS Средний

Описание

Heap-based buffer overflow in the rfcguisink.rfcguisink.1 ActiveX control in the EnjoySAP SAP GUI, on systems using ASCII versions, allows remote attackers to execute arbitrary code via a long first argument to the LaunchGui function.

Ссылки

http://osvdb.org/37689
http://secunia.com/advisories/25959
http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-enjoysap-stack-overflow/
http://www.securityfocus.com/bid/24776
http://www.securityfocus.com/bid/24777
http://www.vupen.com/english/advisories/2007/2449
https://exchange.xforce.ibmcloud.com/vulnerabilities/35268
https://www.exploit-db.com/exploits/4149
http://osvdb.org/37689
http://secunia.com/advisories/25959
http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-enjoysap-stack-overflow/
http://www.securityfocus.com/bid/24776
http://www.securityfocus.com/bid/24777
http://www.vupen.com/english/advisories/2007/2449
https://exchange.xforce.ibmcloud.com/vulnerabilities/35268
https://www.exploit-db.com/exploits/4149

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:enjoysap:*:*:*:*:*:*:*:*

EPSS

Процентиль: 95%

0.19932

Средний

7.6 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-56rw-rc45-v8cg

github

почти 4 года назад