9.3

CVE-2008-4830

Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SAPSap Gui Version6.40
SAPSap Gui Version7.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 27.59% 0.978
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/32869
Vendor Advisory
http://secunia.com/secunia_research/2008-56/
Vendor Advisory
http://www.securityfocus.com/archive/1/502698/100/0/threaded
http://www.securityfocus.com/bid/34524
http://www.securitytracker.com/id?1022062
http://www.vupen.com/english/advisories/2009/1043
Patch
Vendor Advisory