Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow

source: https://www.securityfocus.com/bid/21261/info

Business Objects Crystal Reports XI Professional is prone to a buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

An atacker may exploit this issue by enticing a victim user into opening a malicious document file, resulting in the execution of arbitrary code with privileges of the vulnerable application. Failed exploit attemtps will likely result in denial-of-service conditions.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/29171.rpt