Buffer overflow in Sap Crystal_reports

CVE-2014-5505

Stack-based buffer overflow in SAP Crystal Reports allows remote attackers to execute arbitrary code via a crafted data source string in an RPT file.

Vulnerability class: Buffer Overflow

EPSS: 0.065 (91.3th percentile) — read the EPSS interpretation.

Affected products

Sap Crystal_reports
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

60877 (x_refsource_SECUNIA, third-party-advisory)
sap-crystal-cve20145505-bo(95740) (vdb-entry, x_refsource_XF)
cve@mitre.org (x_refsource_CONFIRM)
cve@mitre.org (x_refsource_MISC)
69558 (vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM)