Intrusion Prevention

SAP.EnjoySAP.ActiveX.Control.Command.Execution

Description

This indicates an attack attempt against a stack-based buffer-overflow vulnerability in the EnjoySAP SAP GUI.
The vulnerability is in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll and is caused by an error in how the control handles overly long parameters. Attackers can leverage the vulnerability to execute arbitrary code.

Affected Products

SAP EnjoySAP

Impact

Arbitrary code execution

Recommended Actions

The vendor has released a fix to address this issue. Please visit the vendor's website for more information:
http://www.sap.com/

CVE References

CVE-2007-3605