Stack-based Buffer Overflow in Crystal Reports by Business Objects
CVE-2006-6133

Currently unrated

Key Information:

Vendor: Microsoft
Status: Visual Studio .net; Crystal Reports Xi
Vendor: CVE Published:; 28 November 2006

What is CVE-2006-6133?

A stack-based buffer overflow exists in Crystal Reports integrated with Microsoft Visual Studio .NET, which can be triggered by processing a specially crafted RPT file. This vulnerability allows for user-assisted remote attacks, potentially leading to the execution of arbitrary code on the affected system. Users utilizing specific versions of Crystal Reports should ensure they update to the patched versions to mitigate the risk of exploitation.

References

http://securitytracker.com/id?1017279

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2007/3114

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/30532

vdb-entryx_refsource_XF

EPSS Score

72% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 28, 2006
Vulnerability Reserved
Nov 27, 2006