Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2004-0204

Published: 06/08/2004 Updated: 12/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Weblogic Server

Vulnerability Summary

Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote malicious users to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx.

Vulnerable Product Search on Vulmon Subscribe to Product

bea weblogic server 8.1

businessobjects crystal reports 10

businessobjects crystal reports 9

businessobjects crystal enterprise java sdk 8.5

businessobjects crystal enterprise ras 8.5

borland software j builder

microsoft business solutions crm 1.2

microsoft outlook 2003

businessobjects crystal enterprise 10

businessobjects crystal enterprise 9

microsoft visual studio .net 2003

Exploits

Exploit DB: Business Objects Crystal Reports 9/10 Web Form Viewer - Directory Traversal
source: wwwsecurityfocuscom/bid/10260/info Crystal Reports and Crystal Enterprise Web Form Viewer is prone to a directory traversal vulnerability This issue can allow an attacker to retrieve and delete files, allowing for information disclosure and denial of service attacks An attacker can exploit this issue by sending directory traver ...

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/10260http://support.businessobjects.com/fix/hot/critical/bulletins/security_bulletin_june04.asphttp://secunia.com/advisories/11800http://www.osvdb.org/6748http://marc.info/?l=bugtraq&m=108360413811017&w=2http://marc.info/?l=bugtraq&m=108671836127360&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/16044https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1157https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-017https://nvd.nist.govhttps://www.exploit-db.com/exploits/24077/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693CVE-2024-30851CVE-2024-34460CVE-2024-2887localCVE-2024-27956remote code executionCVE-2024-34475privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook