Vulnerability Details CVE-2006-6133
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote attackers to execute arbitrary code via a crafted RPT file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.723
EPSS Ranking 98.7%
CVSS Severity
CVSS v2 Score 7.6
References
- http://secunia.com/advisories/23091
- http://secunia.com/advisories/26754
- http://securitytracker.com/id?1017279
- http://www.lssec.com/advisories/LS-20061102.pdf
- http://www.securityfocus.com/archive/1/452464/100/0/threaded
- http://www.securityfocus.com/bid/21261
- http://www.us-cert.gov/cas/techalerts/TA07-254A.html
- http://www.vupen.com/english/advisories/2006/4691
- http://www.vupen.com/english/advisories/2007/3114
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-052
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30532
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2055
- http://secunia.com/advisories/23091
- http://secunia.com/advisories/26754
- http://securitytracker.com/id?1017279
- http://www.lssec.com/advisories/LS-20061102.pdf
- http://www.securityfocus.com/archive/1/452464/100/0/threaded
- http://www.securityfocus.com/bid/21261
- http://www.us-cert.gov/cas/techalerts/TA07-254A.html
- http://www.vupen.com/english/advisories/2006/4691
- http://www.vupen.com/english/advisories/2007/3114
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-052
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30532
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2055
Products affected by CVE-2006-6133
-
cpe:2.3:a:businessobjects:crystal_reports_xi:*
-
cpe:2.3:a:microsoft:visual_studio_.net:2002
-
cpe:2.3:a:microsoft:visual_studio_.net:2003
-
cpe:2.3:a:microsoft:visual_studio_.net:2005