VYPR
Unrated severityNVD Advisory· Published Aug 17, 2010· Updated Jun 16, 2026

CVE-2010-3032

CVE-2010-3032

Description

Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GIOP packet with a crafted size, which triggers a heap-based buffer overflow.

Affected products

2
  • cpe:2.3:a:sap:crystal_reports:2008:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:sap:crystal_reports:2008:*:*:*:*:*:*:*
    • (no CPE)range: =2008

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.