Business Objects Crystal Reports XI Professional File Handling Buffer Overflow Vulnerability

2006-11-23T00:00:00
ID EDB-ID:29171
Type exploitdb
Reporter LSsec.com
Modified 2006-11-23T00:00:00

Description

Business Objects Crystal Reports XI Professional File Handling Buffer Overflow Vulnerability. CVE-2006-6133. Remote exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/21261/info

Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An atacker may exploit this issue by enticing a victim user into opening a malicious document file, resulting in the execution of arbitrary code with privileges of the vulnerable application. Failed exploit attemtps will likely result in denial-of-service conditions.

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/29171.rpt