VYPR

Crystal Reports

by Crystal Reports

CVEs (2)

  • CVE-2008-0379Jan 22, 2008
    risk 0.04cvss epss 0.09

    Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer…

  • CVE-2001-1464Jan 10, 2001
    risk 0.00cvss epss 0.04

    Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.