Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1981


Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1981
Last Modified 05 Sep 2008 04:42:52
Published 02 May 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The web interface for Crystal Reports allows remote attackers to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder.

Vulnerable Systems


  • Businessobjects Crystal Enterprise 10

  • Businessobjects Crystal Enterprise 9

  • Businessobjects Crystal Reports 10

  • Businessobjects Crystal Reports 9


BUGTRAQ - 20040608 Vulnerability: Arbitrary File Access & DoS in Crystal Reports

BUGTRAQ - 20040502 Crystal Reports Vulnerabilities

Last Updated: 27 May 2016 10:39:16