SAP.EnjoySAP.ActiveX.Control.Command.Execution
Description
This indicates an attack attempt against a stack-based buffer-overflow vulnerability in the the EnjoySAP SAP GUI.
The vulnerability is in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll and is caused by an error when the vulnerable ActiveX control handles overly long parameters. The vulnerability can be leveraged by attackers to execute arbitrary code.
Affected Products
SAP EnjoySAP
Impact
Arbitrary code execution
Recommended Actions
The vendor has released a fix to address this issue. Please visit the vendor's website for more information:
http://www.sap.com/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |