Vulnerabilities > SAP > Crystal Reports > Critical

DATE CVE VULNERABILITY TITLE RISK
2010-12-22 CVE-2010-2590 Buffer Errors vulnerability in SAP Crystal Reports 2008
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value.
network
sap CWE-119
critical
9.3
2010-08-17 CVE-2010-3032 Numeric Errors vulnerability in SAP Crystal Reports 2008
Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GIOP packet with a crafted size, which triggers a heap-based buffer overflow.
network
low complexity
sap CWE-189
critical
10.0