BusinessObjects RptViewerAX ActiveX控件栈溢出漏洞

BUGTRAQ ID: 28292 CVECAN ID: CVE-2007-6254 Business Objects是全球领先的商务智能平台。 Business Objects产品所安装的RptViewerAX ActiveX控件（RptViewerAX.dll）中存在栈溢出漏洞，如果用户受骗访问了恶意网页并向该控件传送了超长参数的话，就可能触发这个溢出，导致执行任意指令。 Business Objects BusinessObjects 6.5 Business Objects ---------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Stack overflow

Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors...

CVE-2007-6254

CVE-2007-6254 involves a stack-based buffer overflow in the SAP BusinessObjects RptViewerAX ActiveX control (RptViewerAX.dll) for BusinessObjects 6.5, prior to CHF74. The overflow in the RptViewerAX ActiveX control can allow a remote attacker to execute arbitrary code, with exploitation described...

CVE-2007-6254

Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote attackers to execute arbitrary code via unspecified vectors...

BusinessObjects RptViewerAX ActiveX control stack buffer overflow

Overview The BusinessObjects RptViewerAX ActiveX control contains a stack buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description BusinessObjects 6.5 includes an ActiveX control called RptViewerAX, which is provided by...