vendor: Crystal Reports and Crystal Enterprise Web Form Viewer
by:
CVSS: 7.5 (HIGH)
CWE: 22 (Directory Traversal)
Product Name: Crystal Reports and Crystal Enterprise Web Form Viewer
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Directory Traversal Vulnerability in Crystal Reports and Crystal Enterprise Web Form Viewer

The vulnerability allows an attacker to retrieve and delete files, resulting in information disclosure and denial of service attacks. By sending directory traversal sequences and requesting a file through a vulnerable parameter, an attacker can exploit this issue.

Mitigation:

Apply patches provided by the vendor. Avoid exposing vulnerable modules to the internet.

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/10260/info

Crystal Reports and Crystal Enterprise Web Form Viewer is prone to a directory traversal vulnerability. This issue can allow an attacker to retrieve and delete files, allowing for information disclosure and denial of service attacks.

An attacker can exploit this issue by sending directory traversal sequences and requesting a file through a vulnerable parameter of one of the affected modules. 

Microsoft Visual Studio .NET 2003, Outlook 2003 with Business Contact Manager, and Business Solutions CRM 1.2 are also vulnerable to this issue as Microsoft re-distributes Crystal Reports.

http://www.example.com/crystalreportviewers/crystalimagehandler.aspx?dynamicimage=..\..\..\..\..\mydocuments\private\passwords.txt
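
One way to hunt for this request pattern in web server logs, as an added example that is not part of the original advisory: it flags requests to crystalimagehandler.aspx whose dynamicimage value leaves its directory once percent-encoding is unwrapped and backslashes are normalized. The five-field log layout (client IP, method, URI stem, URI query, status), the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote

HANDLER = "crystalimagehandler.aspx"  # module named in the advisory's sample request
PARAM = "dynamicimage"                # parameter named in the advisory's sample request
MAX_DECODE_ROUNDS = 3                 # assumption: enough to unwrap nested %-encoding

# Constructed sample lines (assumed layout: c-ip method uri-stem uri-query status).
SAMPLE_LOG = [
    "192.0.2.10 GET /crystalreportviewers/crystalimagehandler.aspx dynamicimage=cr_tmp_image_0001.png 200",
    r"198.51.100.7 GET /crystalreportviewers/crystalimagehandler.aspx dynamicimage=..\..\..\..\..\mydocuments\private\passwords.txt 200",
    "203.0.113.5 GET /CrystalReportViewers/CrystalImageHandler.aspx DynamicImage=%252e%252e%255cexample.txt 404",
    "192.0.2.10 GET /default.aspx - 200",
]

def fully_decode(value):
    """Percent-decode repeatedly so %2e%2e and %252e%252e both become '..'."""
    for _ in range(MAX_DECODE_ROUNDS):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True if the value climbs out of its directory or names an absolute path."""
    path = fully_decode(value).replace("\\", "/")
    if path.startswith("/") or re.match(r"^[A-Za-z]:", path):
        return True
    return ".." in path.split("/")

def suspicious_requests(log_lines):
    """Return (client_ip, decoded_value, status) for flagged handler requests."""
    hits = []
    for line in log_lines:
        fields = line.split()
        if len(fields) != 5:
            continue  # not in the assumed layout
        client_ip, _method, stem, query, status = fields
        if not stem.lower().endswith("/" + HANDLER):
            continue  # IIS paths are case-insensitive, so compare lowercased
        for key, value in parse_qsl(query, keep_blank_values=True):
            if key.lower() == PARAM and is_traversal(value):
                hits.append((client_ip, fully_decode(value), status))
    return hits

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

A flagged line with status 200 means the handler answered the request, so those entries deserve triage first.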