ID
VAR-E-201101-0030
TITLE
SAP Crystal Reports Server ActiveX Control Multiple Insecure Method Vulnerabilities
Trust: 0.3
sources:
BID: 45977
DESCRIPTION
The SAP Crystal Reports Server ActiveX control is prone to multiple insecure-method vulnerabilities.
Successful exploits will compromise affected computers or cause denial-of-service conditions; other attacks are possible.
SAP Crystal Reports Server 2008 is vulnerable.
Trust: 0.3
sources:
BID: 45977
AFFECTED PRODUCTS
| vendor: | sap | model: | crystal reports server | scope: | eq | version: | 20080 | Trust: 0.3 |
sources:
BID: 45977
EXPLOIT
To exploit these issues, an attacker must entice an unsuspecting user to view a malicious web document.
Trust: 0.3
sources:
BID: 45977
PRICE
Free
Trust: 0.3
sources:
BID: 45977
TYPE
Design Error
Trust: 0.3
sources:
BID: 45977
CREDITS
Dmitry Chastuhin
Trust: 0.3
sources:
BID: 45977
EXTERNAL IDS
| db: | BID | id: | 45977 | Trust: 0.3 |
sources:
BID: 45977
REFERENCES
| url: | http://dsecrg.com/pages/vul/show.php?id=302 | Trust: 0.3 |
| url: | https://service.sap.com/sap/support/notes/1458309 | Trust: 0.3 |
| url: | http://www.sap.com/solutions/sapbusinessobjects/sme/reporting/crystalreportsserver/index.epx | Trust: 0.3 |
sources:
BID: 45977
SOURCES
| db: | BID | id: | 45977 |
LAST UPDATE DATE
2022-07-27T09:43:13.049000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 45977 | date: | 2011-01-14T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 45977 | date: | 2011-01-14T00:00:00 |