本ページは sap sapgui に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2007-4475 | Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui before 7.10 Patch Level 9 allows remote attackers to execute arbitrary code via a long argument to the SaveViewToSessionFile method. | [email protected] | 9.3 | 40.31% | 2009-04-01 | 2026-06-16 |
| CVE-2008-4387 | Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrmsap.dll in SAP SAPgui allows remote attackers to execute arbitrary code via unknown vectors involving instantiation by Internet Explorer. | [email protected] | 9.3 | 15.50% | 2008-11-10 | 2026-06-16 |
| CVE-2008-0621 | Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands. | [email protected] | 7.5 | 73.36% | 2008-02-06 | 2026-06-16 |
| CVE-2008-0620 | SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to cause a denial of service (crash) via a 0x53 LPD command, which causes the server to terminate. | [email protected] | 10.0 | 3.31% | 2008-02-06 | 2026-06-16 |
| CVE-2003-1035 | The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does. | [email protected] | 7.5 | 1.54% | 2004-04-15 | 2026-06-16 |
| CVE-2002-1579 | SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error. | [email protected] | 5.0 | 1.57% | 2004-04-15 | 2026-06-16 |