Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Exploits (Java Script, Flash, ActiveX) - SAP principles found where?

Former Member
0 Kudos

Hi people!

SAP releases support for rich Web Browser applications in Web Dynpro (Flash).

The use of the Web Browser as FrontEnd in Business transactions will grow in the future.

Every week we read of new exploits in applications that enriches the Web Browsers.

It could be Java Script, Flash or ActiveX. Like this for example:

http://www.computerworld.com/s/article/9140768/Flash_flaw_puts_most_sites_users_at_risk_say_research...

Some exploits has over the years been so severe that users have been recommended to deactivate the application until a solution is delivered.

If we are dependent of the Web Browser application for important Business Transactions it becomes more problematic to deactivate it.

I am looking for information around this area. I have not found anything in SAPNet or SDN, but I have some problems knowing where to look. I have not found this aspect somewhere.

If you have information of official documents or URLs, please provide it in this thread.

Cheers,

Lasse

1 REPLY 1

Former Member
0 Kudos

Hi,

I'm not 100% sure if this will help, but you could have a look at two places:

SAP Security Guides: [https://websmp210.sap-ag.de/securityguide]

There are security guides for all applications / installations giving recommendations on how to secure the systems.

SAP Security notes: [https://websmp102.sap-ag.de/securitynotes]

These SAP OSS notes describe security issues in various SAP components including web applications. On monthly basis security issues and their solutions are published here

Kind regards

Maaike