
HTTP Crystal Reports EnterpriseControls ActiveX BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer-overflow vulnerability in the Crystal Reports 'EnterpriseControls.dll' ActiveX control.

Additional Information

Crystal Reports is a commercially available data-reporting application. The 'EnterpriseControls.dll' ActiveX control allows a browser to display reports created by Crystal Reports.

Crystal Reports 'EnterpriseControls.dll' ActiveX control is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data.

This issue affects the 'SelectedSession()' method of the 'EnterpriseControls.dll' library. The affected control is identified by CLSID 3D58C9F3-7CA5-4C44-9D62-C5B63E059050. This issue is caused by a race condition during the initialization of the control, allowing attackers to corrupt the EIP register and trigger crashes.

A successful exploit will allow an attacker to crash applications using the affected ActiveX control (typically Internet Explorer).

Affected

  • Business Objects Crystal Reports XI Release 2

Response

Download and install all patches related to this vulnerability.