CVE-2004-1981
https://notcve.org/view.php?id=CVE-2004-1981
The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder. • http://marc.info/?l=bugtraq&m=108360413811017&w=2 http://marc.info/?l=bugtraq&m=108671836127360&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/16046 •
CVE-2003-1249
https://notcve.org/view.php?id=CVE-2003-1249
WebIntelligence 2.7.1 uses guessable user session cookies, which allows remote attackers to hijack sessions. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0014.html http://secunia.com/advisories/7846 http://www.iss.net/security_center/static/11026.php http://www.securityfocus.com/archive/1/305991 http://www.securityfocus.com/bid/6569 http://www.securitytracker.com/id?1005906 •
CVE-2001-1464
https://notcve.org/view.php?id=CVE-2001-1464
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords. • http://www.kb.cert.org/vuls/id/403307 https://exchange.xforce.ibmcloud.com/vulnerabilities/7928 •