Definition Id: oval:org.mitre.oval:def:1157
Oval ID: oval:org.mitre.oval:def:1157
Title: Crystal Reports Business Objects Directory Traversal
Description: Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx.
Family: windows Class: vulnerability
Reference(s): CVE-2004-0204
Version: 1
Platform(s): Microsoft Windows 2000
Product(s): Crystal Enterprise
Crystal Reports
Definition Synopsis: