Application: SAP GUI
Versions Affected: 6.4 — 7.2
Vendor URL: http://www.sap.com
Bugs: DLL hijacking
Vendor response: 26.08.2010
Date of Public Advisory: 09.03.2011
Author: Alexey Sintsov, Alexandr Polyakov
SAP Front End applications (SAPGui.exe) are vulnerable to DLL hijacking attacks. It makes possible to remote code execution.
Attacker can put malicious file on shared folder or internet site and send user a link to SAP shortcut. When victim try to open shortcuts in this folder SAP Frontend application will execute malicious code on the victim workstation giving attacker a full access to workstation.