Crystal Reports Server

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

businessobjects

NVD

Published: 2005-12-31

Updated: 2017-07-20

Summary

Unspecified vulnerability in Report Application Server (Crystalras.exe) before 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service (application hang) via certain network traffic, possibly involving multiple simultaneous TCP connections.

Vulnerable Configurations

Part	Description	Count
Application	Businessobjects Businessobjects Crystal Enterprise XI * Businessobjects Crystal Reports Server XI * Businessobjects Crystal Reports XI * Businessobjects Report Application Server 11.0.0.0	4

References

http://secunia.com/advisories/16282
http://securitytracker.com/id?1014604
http://securitytracker.com/id?1014605
http://support.businessobjects.com/downloads/critical_updates/security_bulletin_june05.asp
http://support.businessobjects.com/library/kbase/articles/c2017748.asp
http://www.osvdb.org/18473
http://www.securityfocus.com/bid/14433
https://exchange.xforce.ibmcloud.com/vulnerabilities/21654