CVSS: 6.8EPSS: 58%CPEs: 1EXPL: 0CVE-2014-5505 – SAP Crystal Reports Datasource Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-5505
Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file. Desbordamiento de buffer basado en pila en SAP Crystal Reports permite a atacantes remotos ejecutar código arbitrario a través de una cadena de fuentes de datos manipulada en un fichero RPT. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RPT files. The issue lies in the processing of data source strings. • http://scn.sap.com/docs/DOC-8218 http://secunia.com/advisories/60877 http://www.securityfocus.com/bid/69558 http://www.zerodayinitiative.com/advisories/ZDI-14-301 https://exchange.xforce.ibmcloud.com/vulnerabilities/95740 https://service.sap.com/sap/support/notes/1999142 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.8EPSS: 30%CPEs: 1EXPL: 0CVE-2014-5506 – SAP Crystal Reports Connection String Processing Double Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-5506
Double free vulnerability in SAP Crystal Reports allows remote attackers to execute arbitrary code via crafted connection string record in an RPT file. Vulnerabilidad de doble liberación en SAP Crystal Reports permite a atacantes remotos ejecutar código arbitrario a través de un registro manipulado de cadenas de conexiones en un fichero RPT. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP Crystal Reports. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RPT files. The issue lies in processing a connection string record. • http://scn.sap.com/docs/DOC-8218 http://secunia.com/advisories/61016 http://www.securityfocus.com/bid/69557 http://www.zerodayinitiative.com/advisories/ZDI-14-302 https://service.sap.com/sap/support/notes/1999142 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2011-4805
https://notcve.org/view.php?id=CVE-2011-4805
Cross-site scripting (XSS) vulnerability in pubDBLogon.jsp in SAP Crystal Report Server 2008 allows remote attackers to inject arbitrary web script or HTML via the service parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en pubDBLogon.jsp en SAP Crystal Report Server 2008, permite a atacantes remotos ejecutar secuencias de comandos web o HTML a través del parámetro service. • http://dsecrg.com/pages/vul/show.php?id=333 http://www.sdn.sap.com/irj/sdn/index?rid=/webcontent/uuid/c05604f6-4eb3-2d10-eea7-ceb666083a6a http://www.securityfocus.com/archive/1/520560/100/0/threaded https://service.sap.com/sap/support/notes/1562292 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 92%CPEs: 1EXPL: 5CVE-2010-2590 – Crystal Reports CrystalPrintControl - ActiveX ServerResourceVersion Property Overflow
https://notcve.org/view.php?id=CVE-2010-2590
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value. Desbordamiento de búfer basado en memoria dinámica en el control CrystalReports12.CrystalPrintControl.1 ActiveX en PrintControl.dll v12.3.2.753 en SAP Crystal Reports 2008 SP3 Fix Pack v3.2 permite a atacantes remotos ejecutar código de su elección a través del valor de la propiedad ServerResourceVersion. • https://www.exploit-db.com/exploits/23472 https://www.exploit-db.com/exploits/15733 http://pocoftheday.blogspot.com/2010/12/crystal-reports-viewer-1200549-activex.html http://secunia.com/advisories/42305 http://secunia.com/secunia_research/2010-135 http://www.exploit-db.com/exploits/15733 http://www.osvdb.org/69917 http://www.securityfocus.com/archive/1/515369/100/0/threaded http://www.securityfocus.com/bid/45387 http://www.securitytracker.com/id?1024915 https://service& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 10%CPEs: 1EXPL: 0CVE-2010-3032
https://notcve.org/view.php?id=CVE-2010-3032
Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GIOP packet with a crafted size, which triggers a heap-based buffer overflow. Desbordamiento de entero en la función OBGIOPServerWorker::extractHeader en el módulo ebus-3-3-2-6.dll de SAP Crystal Reports 2008 permite a atacantes remotos causar una denegación de servicio (caída) y posiblemente ejecutar código a su elección a través de un paquete GIOP con un tamaño manipulado, lo cual dispara un desbordamiento de búfer basado en pila. • http://dvlabs.tippingpoint.com/advisory/TPTI-10-07 http://osvdb.org/67080 http://secunia.com/advisories/40960 http://www.securityfocus.com/archive/1/513023/100/0/threaded http://www.securityfocus.com/archive/1/513024/100/0/threaded http://www.securityfocus.com/archive/1/513103/100/0/threaded http://www.securityfocus.com/bid/42374 http://www.securitytracker.com/id?1024334 http://www.vupen.com/english/advisories/2010/2074 https://exchange.xforce.ibmcloud.com/vulnerabilities/ • CWE-189: Numeric Errors •