CVE-2008-4830 in GUIinfo

Summary

Insecure method vulnerability in the KWEdit ActiveX control in SAP GUI 6.40 Patch 29 (KWEDIT.DLL 6400.1.1.41) and 7.10 Patch 5 (KWEDIT.DLL 7100.1.1.43) allows remote attackers to (1) overwrite arbitrary files via the SaveDocumentAs method or (2) read or execute arbitrary files via the OpenDocument method.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

10/31/2008

Disclosure

04/16/2009

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-119 (Confirmed)

Exploit

Download

CVSS

10.0

EPSS

0.62466

CTI

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-4830
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-4830
CVE Details	https://www.cvedetails.com/cve/CVE-2008-4830/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!