2 matches found
CVE-2020-13534
Dream Report 5 R20-2 is affected by CVE-2020-13534, a privilege-escalation vulnerability. The root cause is weak default permissions in components installed by Dream Report (notably COM CLSIDs referencing LocalServer32 and InprocServer32 in the Dream Report System directory C:\ODS). A specially c...
Dream Report platform privilege escalation vulnerability
Summary Multiple privilege escalation vulnerabilities exist in Dream Report 5 R20-2. A specially crafted executable can cause elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Dream Report 5 R20-2 Product URLs https://dreamreport.net/...