Arbitrary Code Execution Vulnerability in SAP Crystal Reports Server 2008
CVE-2009-3346

Currently unrated

Key Information:

Vendor: SAP
Status: Crystal Reports Server
Vendor: CVE Published:; 24 September 2009

Summary

A vulnerability exists in SAP Crystal Reports Server 2008 that permits remote attackers to execute arbitrary code. This can occur through unspecified vectors, potentially resulting in unauthorized system control. The impact of this flaw, disclosed along with the VulnDisco Pack's research, indicates the need for caution and prompt action to secure the affected systems.

References

http://www.securityfocus.com/bid/36267

vdb-entryx_refsource_BID

http://intevydis.com/vd-list.shtml

x_refsource_MISC

http://secunia.com/advisories/36583

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 24, 2009