Double free vulnerability in SAP Crystal Reports allows remote malicious users to execute arbitrary code via crafted connection string record in an RPT file.
sap crystal reports -