cancel
Showing results for 
Search instead for 
Did you mean: 

SAP Crystal Reports Print ActiveX Control Buffer Overflow Vulnerability-2

Murtaza_Nadeem
Discoverer
0 Kudos
176

We are currently using Crystal Reports 2008 version 12.3.0.601 and is no longer in active development.

This version contains the below risks

CVE-2010-2567: This vulnerability is a buffer overflow issue in the Print ActiveX Control, allowing remote attackers to execute arbitrary code via crafted input.

CVE-2010-2590: This vulnerability is related to improper input validation in the Print ActiveX Control, also allowing remote attackers to execute arbitrary code.

We need to know from SAP and check if these vulnerabilities have actually been addressed (I doubt)

Accepted Solutions (0)

Answers (0)