[ERPSCAN-09-015] SAP GUI 6.4 Buffer Overflow Vulnerability
Application: EnjoySAP, SAP GUI for Windows
Versions Affected: Version 6.4
Vendor URL: http://sap.com
Bugs: Buffer Overflow
Vendor response: 17.11.2008
Date of Public Advisory: 08.06.2009
Author: Alexandr Polyakov
SAP GUI for Windows version 6.4 contains ActiveX component SAPIrRfc which is vulnerable to Buffer overflow attack.
An attacker can send a malicious link to an unaware user using e-mail, messaging or social networks. He also can insert this link into corporate portal. When clicking this link the end user browser will call vulnerable ActiveX component and overflow a stack buffer resulting in arbitrary code execution under the context of the user running the browser. It can be used by attacker to gain full control on victim’s workstation.