CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-0285

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.2000%
EPSS Percentile38.66th
Published2019年4月10日
Last Modified2024年11月21日

Vulnerability Description

The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker.

Affected Platforms (CPE)

📦
Sap

Crystal Reports

= 2010

References & Advisories

🔗 http://packetstormsecurity.com/files/153471/SAP-Crystal-Reports-Information-Disclosure.html
🔗 https://launchpad.support.sap.com/#/notes/2687663
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114
🔗 http://packetstormsecurity.com/files/153471/SAP-Crystal-Reports-Information-Disclosure.html
🔗 https://launchpad.support.sap.com/#/notes/2687663
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=517899114

相關漏洞威脅

CVE-2010-303210.0

Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allo...

CVE-2009-334510.0

Heap-based buffer overflow in SAP Crystal Reports Server 2008 has unknown impact and attack vectors, as demonstrated by a certain ...

CVE-2009-334610.0

Unspecified vulnerability in SAP Crystal Reports Server 2008 allows remote attackers to execute arbitrary code via unknown vectors...

CVE-2020-268319.6

SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities d...

CVE-2019-0285 Detail & Impact Analysis | CVSS 9.8 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space