RULE(RULE ID:309869)

Rule General Information
Release Date: 2020-03-16
Rule Name: SAP Crystal Reports PrintControl.dll ActiveX Control Buffer Overflow Vulnerability (CVE-2010-2590)
Rule Protection Details
Description: Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value.
Impact: A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service.
Affected OS: Windows, Others
Reference: ExploitDB:15733
The vendors have released upgrade patches to fix vulnerabilities, please visit: