Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui before 7.10 Patch Level 9 allows remote attackers to execute arbitrary code via a long argument to the SaveViewToSessionFile method.
2009-04-01T18:30:00.547
2025-04-09T00:30:58.490
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sap | sapgui | * | Yes |
| Application | sap | sapgui | ≤ 7.10 | Yes |
| Application | sap | sapgui | 4.6 | Yes |
| Application | sap | sapgui | 4.6 | Yes |
| Application | sap | sapgui | 4.6a | Yes |
| Application | sap | sapgui | 4.6a | Yes |
| Application | sap | sapgui | 4.6b | Yes |
| Application | sap | sapgui | 4.6b | Yes |
| Application | sap | sapgui | 4.6c | Yes |
| Application | sap | sapgui | 4.6c | Yes |
| Application | sap | sapgui | 4.6d | Yes |
| Application | sap | sapgui | 4.6d | Yes |
| Application | sap | sapgui | 6.40 | Yes |