4 matches found
CVE-2004-0204
CVE-2004-0204 describes a directory traversal in Crystal Reports and Crystal Enterprise Web viewers redistributed with Microsoft Visual Studio .NET 2003, Outlook 2003 with Business Contact Manager, and Microsoft Business Solutions CRM 1.2. The vulnerability arises from improper validation of HTTP...
CVE-2004-1981
Technical details about CVE-2004-1981 are not publicly available in the provided documents. Monitor for updates.
CVE-2004-2742
Cross-site scripting (XSS) vulnerability in the Crystal Enterprise report viewer affects versions 8.5, 9, and 10. The issue allows remote attackers to inject arbitrary web script or HTML by crafting a script in the URL to a report (RPT) file, leveraging unsanitized input in the report viewer. The...
CVE-2006-4099
CVE-2006-4099 concerns Business Objects Crystal Enterprise 9 and 10, where the system generates predictable session identifiers, allowing remote attackers to hijack other users’ sessions through the WCSID cookie. The connected documents confirm the vulnerable component and the impact (session hij...