Description
When you use the OLE DB for OLAP provider, an access violation may occur in the dynamic link library (DLL) MDrmSAP.dll. This error may cause MS Internet Explorer to crash.
You can exploit this termination to execute other local programs with higher rights and to compromise system safety.
See Note 1092631 for information about how to prevent the use of the DLL.
Available fix and Supported packages
- SAP_BW | 350 | 350
- SAP_BW | 700 | 700
- SAP_BW | 710 | 710
- SAP_BW_VIRTUAL_COMP | 700 | 700
Affected component
- BW-BEX-OT-MDX
MDX,OLAP-BAPI,OLE DB for OLAP
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1142431