NVD

Id
14462  
Name
CVE-2010-3032  
Description
Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GIOP packet with a crafted size, which triggers a heap-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2010-08-17  
Modified Date
2010-08-30  
Seq
2010-3032  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
80000 14462 CVE-2010-3032 http://dvlabs.tippingpoint.com/advisory/TPTI-10-07  View
80001 14462 CVE-2010-3032 20100811 ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability  View
80002 14462 CVE-2010-3032 20100811 RE: Correction to: ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability  View
80003 14462 CVE-2010-3032 20100813 Re: Correction to: ZDI-10-151: SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability  View
80004 14462 CVE-2010-3032 42374  View
80005 14462 CVE-2010-3032 1024334  View
80006 14462 CVE-2010-3032 ADV-2010-2074  View
80007 14462 CVE-2010-3032 sap-crystal-giop-bo(61065)  View
80008 14462 CVE-2010-3032 https://service.sap.com/sap/support/notes/1473327  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
39843 JVNDB-2010-005628 SAP Crystal Reports の ebus-3-3-2-6.dll モジュールにおける整数オーバーフローの脆弱性 SAP Crystal Reports の ebus-3-3-2-6.dll モジュールの OBGIOPServerWorker::extractHeader 関数には、整数オーバーフローの脆弱性が存在します。 CVE-2010-3032 45612 CVE-2010-3032 14462 10 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-005628.html 2010-08-17 2012-12-20 View