exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2010-2590

Status Candidate

Overview

Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value.

Related Files

Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow
Posted Dec 18, 2012
Authored by Dr_IDE, Dmitriy Pletnev, juan vazquez | Site metasploit.com

This Metasploit module exploits a heap based buffer overflow in the CrystalPrintControl ActiveX, while handling the ServerResourceVersion property. The affected control can be found in the PrintControl.dll component as included with Crystal Reports 2008. This Metasploit module has been tested successfully on IE 6, 7 and 8 on Windows XP SP3 and IE 8 on Windows 7 SP1. The module uses the msvcr71.dll library, loaded by the affected ActiveX control, to bypass DEP and ASLR.

tags | exploit, overflow, activex
systems | windows
advisories | CVE-2010-2590, OSVDB-69917
SHA-256 | e2e444f4f608cf2a5267e52972251a3f6dc63fb45578a2ac18f6eb5ad4684ec0
SAP Crystal Reports Print ActiveX Control Buffer Overflow
Posted Dec 20, 2010
Authored by Dmitriy Pletnev | Site secunia.com

Secunia Research has discovered a vulnerability in SAP Crystal Reports, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the "CrystalReports12.CrystalPrintControl.1" ActiveX control (PrintControl.dll) when processing the "ServerResourceVersion" property and can be exploited to cause a heap-based buffer overflow via an overly long string. Successful exploitation allows execution of arbitrary code. Affected is Crystal Reports 2008 SP3 Fix Pack 3.2 Print ActiveX (12.3.2.753).

tags | advisory, overflow, arbitrary, activex
advisories | CVE-2010-2590
SHA-256 | d28710dbbdb6a4e04bbf0b31230732e1f2ccbb1c884c4ad65e99fc484a3db74d
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close