Vulnerabilities (CVE)

Filtered by vendor Sap Subscribe

Filtered by product Crystal Reports

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2010-3032	1 Sap	1 Crystal Reports	2018-10-10	10.0 HIGH	N/A
Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GIOP packet with a crafted size, which triggers a heap-based buffer overflow.
CVE-2010-2590	1 Sap	1 Crystal Reports	2018-10-10	9.3 HIGH	N/A
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value.
CVE-2014-5505	1 Sap	1 Crystal Reports	2017-09-08	6.8 MEDIUM	N/A
Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file.
CVE-2014-5506	1 Sap	1 Crystal Reports	2017-01-07	6.8 MEDIUM	N/A
Double free vulnerability in SAP Crystal Reports allows remote attackers to execute arbitrary code via crafted connection string record in an RPT file.