SAP GUI Moniker Creation Multiple Vulnerabilities
High Nessus Plugin ID 36073
SynopsisThe remote Windows host has an ActiveX control that is affected by multiple buffer overflow vulnerabilities.
DescriptionThe version of the SAP GUI Moniker Creation ActiveX control installed on the remote Windows host is reportedly affected by 3 stack-based buffer overflows involving various properties and methods in 'MonikerUtil_dll.dll'. If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, he can leverage these issues to execute arbitrary code subject to the user's privileges.
SolutionUpgrade to SAP GUI 7.10 Patch Level 9 or newer.