CVE-2007-6254 - Buffer Errors vulnerability in SAP Business Objects 6.5

Publication

2008-03-20

Last modification

2017-08-08

Summary

Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors.

Description

BusinessObjects 'RptViewerAX' is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the application hosting the affected control (typically Internet Explorer). Successful attacks can compromise the application and possibly the underlying computer. Failed attacks will likely cause denial-of-service conditions.

Solution

The vendor released hotfix CHF74 to address this issue. Please see the references for information on how to obtain and apply this fix.

Exploit

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: info@vumetric.com.

Classification

CWE-119 - Buffer Errors

Risk level (CVSS v2 base vector AV:N/AC:M/Au:N/C:C/I:C/A:C)

High

9.3

Access Vector

Network

Access Complexity

Medium

Authentication

None

Confidentiality Impact

Complete

Integrity Impact

Complete

Availability Impact

Complete

Affected Products

Vendor  Product           Versions
SAP     Business Objects  6.5