CVE-2006-6133

Published Nov 28, 2006

Last updated 6 years ago

CVSS info 7.6

Overview

Description: Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote attackers to execute arbitrary code via a crafted RPT file.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.6
Impact score: 10
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:businessobjects:crystal_reports_xi:*:*:professional:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D3E8303D-8050-4CD7-A993-6C96026FFC60"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2002:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8512201F-9350-4892-A20F-80A2C38A530F"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "747E3E3A-85C1-4E55-B7F8-C5207F247498"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F30DA411-416C-45C3-B2A2-E4F3ED7C8F42"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBED7535-0091-4B27-B261-384CEADFE362"
          },
          {
            "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References