Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:24262
HistoryJul 17, 2010 - 12:00 a.m.

SAPGui BI wadmxhtml.dll Tags Property Heap Corruption

2010-07-1700:00:00
vulners.com
13
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Who

SAP
http://www.sap.com

What

SAPGui BI component

File: %PROGRAMFILES%\sap\business explorer\bi\wadmxhtml.dll
Version: 7100.1.400.8
ClassID: 30DD068D-5AD9-434C-AAAC-46ABE37194EB
RegKey Safe for Script: False
RegKey Safe for Init: False
Implements IObjectSafety: True
IDisp Safe: Safe for untrusted: caller,data
IPersist Safe: Safe for untrusted: caller,data
KillBitSet: False

How

Vulnerable Property: Tags

The Tags property can be manipulated to trigger heap corruption
resulting in the execution of arbitrary code.

Fix

SAP set the kill-bit for this control with Patch 17 for SAPGui.
Alternatively, you can set the kill-bit manually, please see
http://support.microsoft.com/kb/240797.

Credit

Elazar Broad
-----BEGIN PGP SIGNATURE-----
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify

wpwEAQECAAYFAkw/NAsACgkQi04xwClgpZiFhQP/RfjeHhaBzFZDcwpvkq8eAsE1QclV
8pqzmhDv5xXh8s+hbKYyLqLq8St/3z6reBKoHP0//BVbOSE/1CTRCyiJuKjV0SLP3qdb
vkCzrtg5eoGCKUvEWoqjE6NNysmV/P0j88T/NRBv3jkznINWAl6mf+n/JwKC4KC57wKQ
9n3IjvY=
=yNee
-----END PGP SIGNATURE-----

JSON