Lucene search

[email protected]CVE-2008-4387

HistoryNov 10, 2008 - 4:15 p.m.

CVE-2008-4387

2008-11-1016:15:04

CWE-94

[email protected]

web.nvd.nist.gov

cve-2008-4387

sap

sapgui

mdrmsap.dll

internet explorer

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.061 Low

EPSS

Percentile

93.6%

JSON

Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrmsap.dll in SAP SAPgui allows remote attackers to execute arbitrary code via unknown vectors involving instantiation by Internet Explorer.

Affected configurations

NVD

Node

sapsapgui

simba_technologiesmdrmsap_activex_control

AND

microsoftinternet_explorer

CPENameOperatorVersion
sap:sapguisap sapguieq*
simba_technologies:mdrmsap_activex_controlsimba technologies mdrmsap activex controleq*

CPE	Name	Operator	Version
sap:sapgui	sap sapgui	eq	*
simba_technologies:mdrmsap_activex_control	simba technologies mdrmsap activex control	eq	*

References

osvdb.org/49721

www.kb.cert.org/vuls/id/277313

www.securityfocus.com/bid/32186

www.vupen.com/english/advisories/2008/3106

exchange.xforce.ibmcloud.com/vulnerabilities/46440

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.061 Low

EPSS

Percentile

93.6%

JSON

Related for CVE-2008-4387

cvelist1 nvd1 seebug1 cert1 d21 nessus1 prion1