Vulnerability Details CVE-2014-5506
Double free vulnerability in SAP Crystal Reports allows remote attackers to execute arbitrary code via crafted connection string record in an RPT file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.5%
CVSS Severity
CVSS v2 Score 6.8
References
- http://scn.sap.com/docs/DOC-8218
- http://secunia.com/advisories/61016
- http://www.securityfocus.com/bid/69557
- http://www.zerodayinitiative.com/advisories/ZDI-14-302/
- https://service.sap.com/sap/support/notes/1999142
- http://scn.sap.com/docs/DOC-8218
- http://secunia.com/advisories/61016
- http://www.securityfocus.com/bid/69557
- http://www.zerodayinitiative.com/advisories/ZDI-14-302/
- https://service.sap.com/sap/support/notes/1999142
Products affected by CVE-2014-5506
-
cpe:2.3:a:sap:crystal_reports:-