Unrated severityNVD Advisory· Published May 2, 2004· Updated Apr 16, 2026

CVE-2004-1981

Description

The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder.

Affected products

Businessobjects/Crystal Enterprise2 versions
cpe:2.3:a:businessobjects:crystal_enterprise:9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:businessobjects:crystal_enterprise:9:*:*:*:*:*:*:*
- cpe:2.3:a:businessobjects:crystal_enterprise:10:*:*:*:*:*:*:*
Businessobjects/Crystal Reports2 versions
cpe:2.3:a:businessobjects:crystal_reports:9:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:businessobjects:crystal_reports:9:*:*:*:*:*:*:*
- cpe:2.3:a:businessobjects:crystal_reports:10:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000