SAP AG SAPgui KWEdit ActiveX Control Insecure Method Remote Code Execution Vulnerability
SAP AG SAPgui KWEdit ActiveX control is prone to a remote code-execution vulnerability.
Successfully exploiting this issue allows an attacker to execute arbitrary code in the context of the application running the affected control (typically Internet Explorer).
This issue affects the following:
SAPgui 6.40 Patch Level 29 with KWEDIT.DLL 6400.1.1.41
SAPgui 7.10 Patch Level 5 with KWEDIT.DLL 722.214.171.124
Other versions may be vulnerable as well.