virus logo Intrusion Prevention

SAP.AG.SAPgui.sapirrfc.dll.Remote.Buffer.Overflow

description-logoDescription

This indicates an attack attempt to exploit an arbitrary Code Execution vulnerability in the SAPgui ActiveX control.
The vulnerability is located in the "sapirrfc.dll" ActiveX control. It can be exploited by sending an overly long string to the Accept() method, allowing remote attackers to execute arbitrary code in the context of the application using the affected ActiveX control. Failed exploit attempts will likely cause the program to crash, resulting in a Denial of Service condition.

affected-products-logoAffected Products

SAP AG SAPgui 6.4

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version, available from the web site.
http://www.sap.com

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-03 16.973
ID 27482
Created Jul 19, 2011
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows
Affected App SAP