SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Crystal Reports Vendors:   Business Objects
Crystal Reports Report File Stack Overflow Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1017279
SecurityTracker URL:  http://securitytracker.com/id/1017279
CVE Reference:   CVE-2006-6133   (Links to External Site)
Updated:  Jan 5 2007
Original Entry Date:  Nov 24 2006
Impact:   Execution of arbitrary code via network, User access via network

Version(s): XI Professional; Tested on version 11.0.0.1994
Description:   A vulnerability was reported in Crystal Reports. A remote user can cause arbitrary code to be executed on the target user's system.

A remote user can create a specially crafted '.RPT' file that, when loaded by the target user, will trigger a stack overflow and execute arbitrary code on the target system. The code will run with the privileges of the target user.

LSsec discovered this vulnerability.

The original advisory is available at:

http://www.lssec.com/advisories/LS-20061102.pdf

A demonstration exploit is available at:

http://www.lssec.com/exploits/LS-20061102.rar

Impact:   A remote user can create a '.RPT' file that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.businessobjects.com/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Sep 11 2007 (Microsoft Issues Fix for Crystal Reports for Visual Studio) Crystal Reports Report File Stack Overflow Lets Remote Users Execute Arbitrary Code
Microsoft has issued a fix for Crystal Reports for Visual Studio.



 Source Message Contents

Subject:  LS-20061102 - Business Objects Crystal Reports Stack Overflow

LS-20061102

LSsec has discovered a vulnerability in
Business Objects Crystal Reports XI Professional,
which could be exploited by an attacker in order
to execute arbitrary code on an affected system.

Exploitation requires that the attacker coerce
the target user into opening a malicious .RPT file.

For technical details please visit:

	http://www.lssec.com/charity.html
	
LSsecurity - LSsec.com

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC