CVE-2008-0379

Currently unrated

Key Information:

Vendor: Microsoft
Status: Activex; Crystal Reports Xi
Vendor: CVE Published:; 22 January 2008

Summary

Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer overflow.

References

https://www.exploit-db.com/exploits/4931

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/27333

vdb-entryx_refsource_BID

http://www.securitytracker.com/id?1019239

vdb-entryx_refsource_SECTRACK

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jan 22, 2008
Vulnerability Reserved
Jan 22, 2008

Collectors

NVD DatabaseMitre Database