CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2009-3344
https://notcve.org/view.php?id=CVE-2009-3344
Unspecified vulnerability in SAP Crystal Reports Server 2008 on Windows XP allows attackers to cause a denial of service (infinite loop) via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en SAP Crystal Reports Server 2008 en Windows XP permite a los atacantes causar una denegación de servicio (bucle infinito) a través de vectores desconocidos, como se demuestra en un módulo en VulnDisco Pack Professional v8.3 hasta v8.11. NOTA: como en 20090917, esta información no se tiene información de la acción. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/36583 http://www.securityfocus.com/bid/36267 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3345
https://notcve.org/view.php?id=CVE-2009-3345
Heap-based buffer overflow in SAP Crystal Reports Server 2008 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Desbordamiento de búfer basado en memoria dinámica -heap- en SAP Crystal Reports Server 2008, tiene impacto y vectores de ataque desconocidos, como se ha demostrado en determinado módulo de VulnDisco Pack Professional v8.3 hasta v8.11. NOTA: a fecha de 17/09/2009, este aviso no cuenta con más información. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/36583 http://www.securityfocus.com/bid/36267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2009-3346
https://notcve.org/view.php?id=CVE-2009-3346
Unspecified vulnerability in SAP Crystal Reports Server 2008 allows remote attackers to execute arbitrary code via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en AP Crystal Reports Server 2008 permite a los atacantes remotos ejecutar arbitrariamente código a través de vectores desconocidos, como se demuestra en ciertos módudos en VulnDisco Pack Professional v8.3 hasta v8.11. NOTA: como 20090917, esta información no tiene información de la acción. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/36583 http://www.securityfocus.com/bid/36267 •