CVE-2006-6133
CVSS V2 High 7.6
CVSS V3 None
Description
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote attackers to execute arbitrary code via a crafted RPT file.
Overview
- CVE ID
- CVE-2006-6133
- Assigner
- cve@mitre.org
- Vulnerability Status
- Modified
- Published Version
- 2006-11-28T01:07:00
- Last Modified Date
- 2018-10-17T21:46:50
Weakness Enumerations
CPE Configuration (Product)
| CPE | Vulnerable | Operator | Version Start | Version End |
|---|---|---|---|---|
| cpe:2.3:a:businessobjects:crystal_reports_xi:*:*:professional:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:microsoft:visual_studio_.net:2002:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:microsoft:visual_studio_.net:2003:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:microsoft:visual_studio_.net:2005:*:*:*:*:*:*:* | 1 | OR | ||
| cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:* | 1 | OR |
CVSS Version 2
- Version
- 2.0
- Vector String
- AV:N/AC:H/Au:N/C:C/I:C/A:C
- Access Vector
- NETWORK
- Access Compatibility
- HIGH
- Authentication
- NONE
- Confidentiality Impact
- COMPLETE
- Integrity Impact
- COMPLETE
- Availability Impact
- COMPLETE
- Base Score
- 7.6
- Severity
- HIGH
- Exploitability Score
- 4.9
- Impact Score
- 10
References
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2006-6133 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6133 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2022-05-10 18:10:56 | Added to TrackCVE |