11 matches found
EUVD-2004-2732
Malware in sbrugna...
Microsoft IIS Directory Traversal Vulnerability (MS04-017) - Active Check
A directory traversal vulnerability exists in Crystal Reports and Crystal Enterprise from Business Objects that runs on Microsoft IIS which could allow information disclosure and denial of service attacks on an affected system. SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text...
CVE-2004-2742
Cross-site scripting XSS vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote attackers to inject arbitrary web script or HTML via script in the URL to a report RPT file...
CVE-2004-2742
Cross-site scripting (XSS) vulnerability in the Crystal Enterprise report viewer affects versions 8.5, 9, and 10. The issue allows remote attackers to inject arbitrary web script or HTML by crafting a script in the URL to a report (RPT) file, leveraging unsanitized input in the report viewer. The...
CVE-2006-4099
Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values...
CVE-2006-4099
Business Objects Crystal Enterprise 9 and 10 generates predictable session identifiers, which allows remote attackers to hijack sessions of other users via WCSID cookie values...
CVE-2006-4099
CVE-2006-4099 concerns Business Objects Crystal Enterprise 9 and 10, where the system generates predictable session identifiers, allowing remote attackers to hijack other users’ sessions through the WCSID cookie. The connected documents confirm the vulnerable component and the impact (session hij...
CVE-2004-2742
Cross-site scripting XSS vulnerability in the report viewer in Crystal Enterprise 8.5, 9, and 10 allows remote attackers to inject arbitrary web script or HTML via script in the URL to a report RPT file...
Crystal Enterprise report file crossite scripting
Crossite scripting with report files...
[SA13644] Crystal Enterprise Report File Cross-Site Scripting Vulnerability
TITLE: Crystal Enterprise Report File Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA13644 VERIFY ADVISORY: http://secunia.com/advisories/13644/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Crystal Enterprise 9 http://secunia.com/product/3552/ Cryst...
CVE-2004-0204
CVE-2004-0204 describes a directory traversal in Crystal Reports and Crystal Enterprise Web viewers redistributed with Microsoft Visual Studio .NET 2003, Outlook 2003 with Business Contact Manager, and Microsoft Business Solutions CRM 1.2. The vulnerability arises from improper validation of HTTP...