CVE-2007-4475

Name of the Vulnerable Software and Affected Versions SAPgui versions prior to 7.10 Patch Level 9

Description The issue is related to a stack-based buffer overflow in the EAI WebViewer3D ActiveX control, which is part of the SAPgui. This overflow can be triggered by passing a long argument to the SaveViewToSessionFile method, potentially allowing remote attackers to execute arbitrary code.

Recommendations For SAPgui versions prior to 7.10 Patch Level 9, update to version 7.10 Patch Level 9 or later to resolve the issue. As a temporary workaround, consider restricting access to the SaveViewToSessionFile method in the webviewer3d.dll ActiveX control until a patch is applied.