Arbitrary Code Execution Vulnerability in SAP NetWeaver Business Client ActiveX Control

CVE-2010-4556 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Stack-based buffer overflow in the SapThemeRepository ActiveX control (sapwdpcd.dll) in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the (1) Load and (2) LoadTheme methods.

Learn more about our Web Application Penetration Testing UK.