Symptom
- Security scanning tool may report the following vulnerability: CWE-427 - Uncontrolled Search Path Element.
- At startup, PD attempts to load the msdia100.dll file.
- Because this file is not present in the installation, the client will search the PATH until it finds it.
- If an attacker places a DLL with the same name in the path to run hacking tools, PD will load and execute it.
Read more...
Environment
SAP PowerDesigner (PD) 16.7
Product
SAP PowerDesigner 16.7
Keywords
Visual, C++, VC++, CR828356, CR#828356, 828356 , KBA , BC-SYB-PD , PowerDesigner , Known Error
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.