Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAP GUI KWEditActiveX控件不安全SaveDocumentAs()调用漏洞
Vulnerability Description
SAPgui是SAP软件的图形用户界面客户端。 SAPgui所捆绑的KWEdit ActiveX控件(KWEDIT.DLL)提供了不安全的SaveDocumentAs()函数。如果用户受骗访问了恶意网页的话,该函数可能将HTML文档保存到指定的位置。如果结合OpenDocument()方式的话,远程攻击者就可以泄露任意文件的内容,或在用户系统上执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A