Vulnerabilities > CVE-2004-1981 - Denial-Of-Service vulnerability in Businessobjects Crystal Enterprise and Crystal Reports

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

businessobjects

NVD

Published: 2004-05-02

Updated: 2017-07-11

Summary

The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder.

Vulnerable Configurations

Part	Description	Count
Application	Businessobjects Businessobjects Crystal Enterprise 9 Businessobjects Crystal Enterprise 10 Businessobjects Crystal Reports 9 Businessobjects Crystal Reports 10	4

References

http://marc.info/?l=bugtraq&m=108360413811017&w=2
http://marc.info/?l=bugtraq&m=108671836127360&w=2
https://exchange.xforce.ibmcloud.com/vulnerabilities/16046