CVE-2010-2590

Related Files

Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow

Posted Dec 18, 2012

Authored by Dr_IDE, Dmitriy Pletnev, juan vazquez | Site metasploit.com

This Metasploit module exploits a heap based buffer overflow in the CrystalPrintControl ActiveX, while handling the ServerResourceVersion property. The affected control can be found in the PrintControl.dll component as included with Crystal Reports 2008. This Metasploit module has been tested successfully on IE 6, 7 and 8 on Windows XP SP3 and IE 8 on Windows 7 SP1. The module uses the msvcr71.dll library, loaded by the affected ActiveX control, to bypass DEP and ASLR.

tags | exploit, overflow, activex

systems | windows

advisories | CVE-2010-2590, OSVDB-69917

SHA-256 | e2e444f4f608cf2a5267e52972251a3f6dc63fb45578a2ac18f6eb5ad4684ec0

Download | Favorite | View

SAP Crystal Reports Print ActiveX Control Buffer Overflow

Posted Dec 20, 2010

Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in SAP Crystal Reports, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the "CrystalReports12.CrystalPrintControl.1" ActiveX control (PrintControl.dll) when processing the "ServerResourceVersion" property and can be exploited to cause a heap-based buffer overflow via an overly long string. Successful exploitation allows execution of arbitrary code. Affected is Crystal Reports 2008 SP3 Fix Pack 3.2 Print ActiveX (12.3.2.753).

tags | advisory, overflow, arbitrary, activex

advisories | CVE-2010-2590

SHA-256 | d28710dbbdb6a4e04bbf0b31230732e1f2ccbb1c884c4ad65e99fc484a3db74d

Download | Favorite | View