Business Objects has completed the investigation into a public report of a vulnerability. The Crystal Reports Designer was permitting a buffer overflow, which could be exploited by an attacker in order to execute arbitrary code on an affected system. Exploitation requires that the attacker coerce the target user into opening a malicious .RPT file.
When opening the RPT file in the Designer, the Designer would infinitely loop, exit without a dialog box pop-up, or an error message appeared:
"buffer overrun... you must terminate the process"
Publishing to BusinessObjects Enterprise, Crystal Enterprise or Crystal Reports Server The modified RPT file could not be through the Publishing Wizard, Central Management Console or InfoView because an error message appeared:
"failing to read data from report file... Reason: Unable to launch $(INSTALLDIR)\BusinessObjects Enterprise 11.5\win32_x86\plugins\desktop\CrystalEnterprise.Report\ReportAdd program to add report to the system".
The modified RPT file, when added to a Visual Studio project or loaded in the embedded designer, will cause Visual Studio to exit prematurely. Win32 apps loading up the report either through the viewer or the ReportDocument API will crash. When loaded up by an ASP.NET process (either through the Crystal Reports Webform viewer or by ReportDocument), it will cause the ASP.NET worker process to crash and restart. Repeated attempts to load the report could result in a denial of service of ASP.NET.
R2 security , 1410607 , KBA , BI-BIP , Business intelligence platform , Bug Filed
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.