Vulnerability Details : CVE-2010-2590
Public exploit exists!
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2010-2590
Probability of exploitation activity in the next 30 days: 90.76%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2010-2590
-
Crystal Reports CrystalPrintControl ActiveX ServerResourceVersion Property Overflow
Disclosure Date: 2010-12-14First seen: 2020-04-26exploit/windows/browser/crystal_reports_printcontrolThis module exploits a heap based buffer overflow in the CrystalPrintControl ActiveX, while handling the ServerResourceVersion property. The affected control can be found in the PrintControl.dll component as included with Crystal Reports 2008. This module has been
CVSS scores for CVE-2010-2590
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2010-2590
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-2590
-
http://www.securityfocus.com/archive/1/515369/100/0/threaded
SecurityFocus
-
http://pocoftheday.blogspot.com/2010/12/crystal-reports-viewer-1200549-activex.html
pocofthedayExploit
-
http://www.securityfocus.com/bid/45387
SAP Crystal Reports Print ActiveX Control Buffer Overflow VulnerabilityExploit
-
http://www.securitytracker.com/id?1024915
SAP Crystal Reports Buffer Overflow in ActiveX Control Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
https://service.sap.com/sap/support/notes/1539269
-
http://www.exploit-db.com/exploits/15733
Crystal Reports Viewer 12.0.0.549 - 'PrintControl.dll' ActiveX - Windows remote ExploitExploit
Products affected by CVE-2010-2590
- cpe:2.3:a:sap:crystal_reports:2008:sp3_fp3.2:*:*:*:*:*:*