vendor: Crystal Reports XI Professional
by: SecurityFocus
CVSS: 7.5 HIGH
Buffer Overflow
CWE: 119
Product Name: Crystal Reports XI Professional
Affected Version From: 11
Affected Version To: 11
Patch Exists: Yes
Related CWE: N/A
CPE: a:business_objects:crystal_reports_xi_professional
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Business Objects Crystal Reports XI Professional Buffer Overflow Vulnerability

Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. An attacker may exploit this issue by enticing a victim user into opening a malicious document file, resulting in the execution of arbitrary code with privileges of the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.

Mitigation:

Users should avoid opening untrusted documents and should ensure that all software is kept up to date.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/21261/info

Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An attacker may exploit this issue by enticing a victim user into opening a malicious document file, resulting in the execution of arbitrary code with privileges of the vulnerable application. Failed exploit attempts will likely result in denial-of-service conditions.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/29171.rpt