VYPR

Crystal Reports

by Businessobjects

CVEs (3)

  • CVE-2004-0204Aug 6, 2004
    risk 0.09cvss epss 0.73

    Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows…

  • CVE-2004-1981May 2, 2004
    risk 0.00cvss epss 0.02

    The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder.

  • CVE-2001-1464Jan 10, 2001
    risk 0.00cvss epss 0.04

    Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.