SAP SAPgui SAPIrRfc ActiveX (sapirrfc.dll) Accept Function Overflow
High Nessus Plugin ID 40618
Synopsis
The remote Windows host has an ActiveX control that is affected by a buffer overflow vulnerability.
Description
The remote host contains the 'SAPIrRfc' ActiveX control included with SAP GUI version 6.40 for Windows.
This control is reportedly affected by a heap-based overflow involving the 'Accept' method of the 'IRfcServer' interface of the 'SAPIrRfc' control.
If an attacker can trick a user on the affected host into visiting a specially crafted web page, this issue could be leveraged to execute arbitrary code on the host subject to the user's privileges.
The existence of this vulnerability is confirmed in sapirrfc.dll version 188.8.131.52. Previous versions may also be affected.
Solution
Apply the patch for the control as described in the vendor advisory.