ID
VAR-E-201101-0145
TITLE
SAP Crystal Reports Server Multiple Vulnerabilities
Trust: 0.3
DESCRIPTION
SAP Crystal Reports Server is prone to multiple cross-site scripting vulnerabilities and a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
The cross-site scripting issues can be exploited to execute script code in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials. The directory-traversal issue can be exploited to disclose the contents of arbitrary files.
SAP Crystal Reports Server 2008 is vulnerable.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | sap | model: | crystal reports server | scope: | eq | version: | 20080 | Trust: 0.3 |
EXPLOIT
An attacker can exploit a directory-traversal issue using a browser. To exploit a cross-site scripting issue, the attacker must entice an unsuspecting victim to follow a malicious URI.
The following example URI is available:
http://www.example.com:8080/PerformanceManagement/jsp/qa.jsp?func=browse&root=wi&path=../../../../../../boot.ini
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Input Validation Error
Trust: 0.3
CREDITS
Dmitry Chastuhin
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 45980 | Trust: 0.3 |
REFERENCES
| url: | http://dsecrg.com/pages/vul/show.php?id=303 | Trust: 0.3 |
| url: | https://service.sap.com/sap/support/notes/1476930 | Trust: 0.3 |
| url: | https://service.sap.com/sap/support/notes/1458310 | Trust: 0.3 |
| url: | http://www.sap.com/solutions/sapbusinessobjects/sme/reporting/crystalreportsserver/index.epx | Trust: 0.3 |
| url: | http://dsecrg.com/pages/vul/show.php?id=301 | Trust: 0.3 |
SOURCES
| db: | BID | id: | 45980 |
LAST UPDATE DATE
2022-07-27T09:35:53.950000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 45980 | date: | 2011-01-14T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 45980 | date: | 2011-01-14T00:00:00 |