Intrusion Prevention

SAP.Crystal.Reports.PrintControl.ActiveX.Buffer.Overflow

Description

This indicates an attack attempt against a heap-based buffer-overflow vulnerability in SAP Crystal Reports.
This vulnerability is caused by the vulnerable application's failure to perform adequate boundary checks on user-supplied data. The issue affects the 'CrystalReports12.CrystalPrintControl.1' ActiveX control. It allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control.

Affected Products

SAP Crystal Reports 2008 Print ActiveX Control 12.3.2.753
SAP Crystal Reports 2008

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any patches supplied by the vendor for this issue.

CVE References

CVE-2010-2590