📦

crystal_reports_xi

Vendor: businessobjects

Actively Exploited 0 CISA KEV List

PoC / Exploits 2 Code Available

Total RCEs 1 Remote Access

Total CVEs 4 Total Indexed

Avg. EPSS 28.91% Exploit Prob.

Latest CVE CVE-2008-0379 Jan 22

Security Vulnerability Index

Page 1 / 1

9.3 CVSS

CVE-2008-0379

RCE Exploit Found

Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer overflow.

EPSS: 13.45%

Severity: HIGH

Jan 22, 2008

7.6 CVSS

CVE-2006-6133

Exploit Found

Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote attackers to execute arbitrary code via a crafted RPT file.

EPSS: 71.93%

Severity: HIGH

Nov 28, 2006

5.0 CVSS

CVE-2005-4813

Unspecified vulnerability in Report Application Server (Crystalras.exe) before 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service (application hang) via certain network traffic, possibly involving multiple simultaneous TCP connections.

EPSS: 1.34%

Severity: MEDIUM

Dec 31, 2005

Displaying 3 of 4 Total Entries

Total 1 Sections