Stack-Based Buffer Overflow Vulnerability in SAP Crystal Reports
CVE-2014-5505

Currently unrated

Key Information:

Vendor: SAP
Status: Crystal Reports
Vendor: CVE Published:; 4 September 2014

Summary

SAP Crystal Reports contains a stack-based buffer overflow vulnerability that could be exploited by remote attackers. By crafting a malicious data source string within an RPT file, attackers may execute arbitrary code on the target system. This could allow them to compromise the integrity and confidentiality of the system, leading to unauthorized actions and data breaches. It is critical for organizations using SAP Crystal Reports to apply the relevant patches and mitigations to secure their systems against this vulnerability.

References

http://secunia.com/advisories/60877

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/95740

vdb-entryx_refsource_XF

https://service.sap.com/sap/support/notes/1999142

x_refsource_CONFIRM

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 4, 2014
Vulnerability Reserved
Aug 28, 2014