Details of VAR-201101-0485

ID

VAR-201101-0485

TITLE

SAP Crystal Reports Server ActiveX Control Multiple Insecure Method Vulnerabilities

Trust: 0.3

sources: BID: 45977

DESCRIPTION

The SAP Crystal Reports Server ActiveX control is prone to multiple insecure-method vulnerabilities. Successful exploits will compromise affected computers or cause denial-of-service conditions; other attacks are possible. SAP Crystal Reports Server 2008 is vulnerable.

Trust: 0.3

sources: BID: 45977

AFFECTED PRODUCTS

vendor:

sap

model:

crystal reports server

scope:

version:

20080

Trust: 0.3

sources: BID: 45977

THREAT TYPE

network

Trust: 0.3

sources: BID: 45977

TYPE

Design Error

Trust: 0.3

sources: BID: 45977

EXTERNAL IDS

db:

BID

id:

45977

Trust: 0.3

sources: BID: 45977

REFERENCES

url:	http://dsecrg.com/pages/vul/show.php?id=302	Trust: 0.3
url:	http://www.sap.com/solutions/sapbusinessobjects/sme/reporting/crystalreportsserver/index.epx	Trust: 0.3
url:	https://service.sap.com/sap/support/notes/1458309	Trust: 0.3

sources: BID: 45977

CREDITS

Dmitry Chastuhin

Trust: 0.3

sources: BID: 45977

SOURCES

db:

BID

id:

45977

LAST UPDATE DATE

2022-05-17T02:08:18.863000+00:00

SOURCES UPDATE DATE

db:

BID

id:

45977

date:

2011-01-14T00:00:00

SOURCES RELEASE DATE

db:

BID

id:

45977

date:

2011-01-14T00:00:00