CVE-2007-3607
published 2007-07-06CVE-2007-3607: Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote attackers to cause a denial of service (process crash) via…
PriorityP418medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
3.75%
88.5th percentile
Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote attackers to cause a denial of service (process crash) via unspecified vectors.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow (PoC)
exploitdb·2007-07-05
CVE-2007-3608 EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow (PoC)
EnjoySAP ActiveX kweditcontrol.kwedit.1 - Remote Stack Overflow (PoC)
---
Vendor: SAP
Vendor Reference: SECRES-289
Systems Affected: All Versions
Risk: High
Status: Fixed
TimeLine
Discovered: 4 January 2007
Released: 19 January 2007
Approved: 29 January 2007
Reported: 11 January 2007
Fixed: 18 May 2007
Published:
Description
EnjoySAP, also know as Enjoy is the most popular SAP GUI used today. The
latest version can be obtained from ftp://ftp.sap.com/pub/sapgui/win/
When installing EnjoySAP, in appreciation of its vast size for being a
client (around 500MB), there are an astounding 1102 ActiveX controls
installed.
A relatively brief examinaton of these controls, found a large number of
instances that would terminate EnjoySAP process, there were a number that
could create files on the
Exploit-DB
EnjoySAP ActiveX rfcguisink.rfcguisink.1 - Remote Heap Overflow (PoC)
exploitdb·2007-07-05
CVE-2007-3608 EnjoySAP ActiveX rfcguisink.rfcguisink.1 - Remote Heap Overflow (PoC)
EnjoySAP ActiveX rfcguisink.rfcguisink.1 - Remote Heap Overflow (PoC)
---
Vendor: SAP
Vendor Reference: SECRES-290
Systems Affected: All ASCII Versions
Risk: High
Status: Fixed
TimeLine
Discovered: 4 January 2007
Released: 19 January 2007
Approved: 29 January 2007
Reported: 12 January 2007
Fixed: 27 March 2007
Published:
Description
EnjoySAP, also know as Enjoy is the most popular SAP GUI used today. The
latest version can be obtained from ftp://ftp.sap.com/pub/sapgui/win/
When installing EnjoySAP, in appreciation of its vast size for being a
client (around 500MB), there are an astounding 1102 ActiveX controls
installed.
A relatively brief examinaton of these controls, found a large number of
instances that would terminate EnjoySAP process, there were a number that
could create file
No writeups or analysis indexed.
http://osvdb.org/37688http://securityreason.com/securityalert/2873http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-enjoysap-stack-overflow/http://www.securityfocus.com/archive/1/472887/100/0/threadedhttp://www.securityfocus.com/bid/24776https://www.exploit-db.com/exploits/4148https://www.exploit-db.com/exploits/4149http://osvdb.org/37688http://securityreason.com/securityalert/2873http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-enjoysap-stack-overflow/http://www.securityfocus.com/archive/1/472887/100/0/threadedhttp://www.securityfocus.com/bid/24776https://www.exploit-db.com/exploits/4148https://www.exploit-db.com/exploits/4149
2007-07-06
Published