Intrusion Prevention



This indicates an attack attempt against a heap-based buffer-overflow vulnerability in SAP Crystal Reports.
This vulnerability is caused by the vulnerable application's failure to perform adequate boundary checks on user-supplied data. The issue affects the 'CrystalReports12.CrystalPrintControl.1' ActiveX control. It allows remote attackers to execute arbitrary code in the context of the application using the ActiveX control.

Affected Products

SAP Crystal Reports 2008 Print ActiveX Control
SAP Crystal Reports 2008


System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any patches supplied by the vendor for this issue.

CVE References