Intrusion Prevention

SAP.GUI.TabOne.ActiveX.Control.Caption.List.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in the SAP GUI.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted web page. It allows a remote attacker to execute arbitrary code.

Affected Products

Servantix TSC2 Help Desk 4.1.8
SAP SAP GUI 7.10
SAP SAP GUI 6.40 Patch 29
ComponentOne Studio for ActiveX 2008 0
ComponentOne Studio Enterprise 2008 0
ComponentOne SizerOne 8.0.20081 140

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to Tab ActiveX control (c1sizer.ocx) version 8.0.20081.142.

CVE References

CVE-2008-4827