MS04-017: Crystal Reports Web Viewer

By Steven
in Back Page News

 Share

Recommended Posts

Grand Master

Steven

Posted
Posted

Microsoft Security Bulletin MS04-017

Vulnerability in Crystal Reports Web Viewer Could Allow Information Disclosure and Denial of Service (842689)

Issued: June 8, 2004

Version: 1.0

Summary

Who should read this document: Customers who use Microsoft? Visual Studio .NET 2003, who use Microsoft Office Outlook 2003 with Business Contact Manager, or who use Microsoft Business Solutions Customer Relationship Management (CRM) 1.2

Impact of Vulnerability: Information Disclosure and Denial of Service

Maximum Severity Rating: Moderate

Recommendation: Customers should consider applying the security update.

Security Update Replacement: None

Caveats:

?Customers who use both Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, and who have Internet Information Services installed should install the update for both products.

?The update for the component in Microsoft Business Solutions CRM 1.2 is available on the Business Objects Web site.

Tested Software and Security Update Download Locations:

Affected Software:

?Visual Studio .NET 2003 ? Download the update

?Outlook 2003 with Business Contact Manager ? Download the update

?Microsoft Business Solutions CRM 1.2 ? Download the update from the Business Objects Web site

Non-Affected Software:

?All other supported versions of Visual Studio, Outlook, and Microsoft Business Solutions CRM.

Note Outlook 2003 with Business Contact Manager is an add-on to Outlook 2003 that is available on a separate CD, together with Microsoft Office Small Business Edition 2003 and Microsoft Office Professional Edition 2003.

The software in this list has been tested to determine if the versions are affected. Other versions either no longer include security update support or may not be affected. To determine the support lifecycle for your product and version, visit the following Microsoft Support Lifecycle Web site.

Top of sectionTop of section

Executive Summary:

This update resolves a newly-discovered vulnerability in Crystal Reports and Crystal Enterprise from Business Objects. Microsoft Visual Studio .NET 2003 (all versions) and Outlook 2003 with Business Contact Manager redistribute Crystal Reports and are therefore affected by the vulnerability. Microsoft Business Solutions CRM 1.2 redistributes Crystal Enterprise, which is affected in the same way. The vulnerability is documented in the Vulnerability Details section of this bulletin.

An attacker who successfully exploited the vulnerability could retrieve and delete files through the Crystal Reports and Crystal Enterprise Web viewers on an affected system. The number of files of files that are impacted by this vulnerability would depend on the security context of the affected component that is used by the Crystal Web viewer.

Note Systems can only be vulnerable if they have Internet Information Services (IIS) installed.

Microsoft recommends that customers consider applying the security update.

http://www.microsoft.com/technet/security/...n/MS04-017.mspx

Link to comment
https://www.neowin.net/forum/topic/175616-ms04-017-crystal-reports-web-viewer/
Share on other sites
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Politically funny images of the World

      By snowy owl · Posted

    • Zen Browser 1.21.4b

      By Copernic · Posted

      Zen Browser 1.21.4b by Razvan Serea Zen Browser is a privacy-focused, open-source web browser built on Mozilla Firefox, offering users a secure and customizable browsing experience. It emphasizes privacy by blocking trackers, ads, and ensuring your data isn't collected. With Zen Mods, users can enhance their browser experience with various customization options, including features like split views and vertical tabs. The browser is designed for efficiency, providing fast browsing speeds and a lightweight interface. Zen Browser prioritizes user control over the browsing experience, offering a minimal yet powerful alternative to traditional web browsers while keeping your online activity private. Zen Browser’s DRM limitation Zen Browser currently lacks support for DRM-protected content, meaning streaming services like Netflix and HBO Max are inaccessible. This is due to the absence of a Widevine license, which requires significant costs and is financially unfeasible for the developer. Additionally, applying for this license would require Zen to be part of a larger company, similar to Mozilla or Brave. Therefore, DRM-protected media won't be supported in Zen Browser for the foreseeable future. Zen Browser offers features that improve user experience, privacy, and customization: Privacy-Focused: Blocks trackers and minimizes data collection. Automatic Updates: Keeps the browser updated with security patches. Zen Mods: Customizable themes and layouts. Workspaces: Organize tabs into different workspaces. Compact Mode: Maximizes screen space by minimizing UI elements. Zen Glance: Quick website previews. Split Views: View multiple tabs in the same window. Sidebar: Access bookmarks and tools quickly. Vertical Tabs: Manage tabs vertically. Container Tabs: Separate browsing sessions. Fast Profile Switcher: Switch between profiles easily. Tab Folders: Organize tabs into folders. Customizable UI: Personalize browser interface. Security Features: Inherits Firefox’s robust security. Fast Performance: Lightweight and optimized for speed. Zen Mods Customization: Deep customization with mods. Quick Access: Easy access to favorite websites. Open Source: Built on Mozilla Firefox with community collaboration. Community-Driven: Active development and feedback from users. GitHub Repository: Contribute and review the source code. Zen Browser 1.21.4b changelog: New Features Updated to Firefox 152.0.2 and 152.0.3 Added 'Edit pinned tab' context menu item to manually set a pinned tab's URL Added 'Add Route for Domain' context menu item to quickly add a tab's domain to the Space Routing settings Fixes Prevent sidebar from flickering when moving a tab (#14131) Full-screening while on a glance tab will now expand the glance tab to a normal tab (#11766) Fixed space routing tabs opening in background when it should be in foreground (#14183) Other minor bug fixes and improvements. Download: Zen Browser | 90.2 MB (Open Source) Download: Zen Browser ARM64 | Other Operating Systems View: Zen Browser Home Page | Screenshots 1 | 2 | Reddit Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • You've tried DuckDuckGo and Brave Search, now get serious with SearXNG

      By Som · Posted

      I was using searxng for about a year , self hosted, but results were starting to timeout and eventually it became unusable so I switched to degoog. Much better for my needs, more polished and add-ons like maps and calculations etc
    • Politically funny images of the World

      By PsYcHoKiLLa · Posted

      Fake Superman doing the Anti-Trump PR for us, good man !
    • Laptop Processor Question

      By goretsky · Posted

      Hello, I am not as familiar with AMD CPUs as I am with Intel's, but as I understand it, that's a mid-range CPU from about three years ago.  I would think it to be fine for everyday casual-type use.  A larger SSD might be better, but with storage prices these days that's a decision that has to be carefully thought about. Regards, Aryeh Goretsky  

  • Recent Achievements

    • One Month Later
      Excellence2025 earned a badge
      One Month Later
    • Week One Done
      Excellence2025 earned a badge
      Week One Done
    • Week One Done
      flexorcist earned a badge
      Week One Done
    • One Month Later
      Woland13 earned a badge
      One Month Later
    • Week One Done
      Woland13 earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      504
    2. 2
      +Edouard
      205
    3. 3
      PsYcHoKiLLa
      147
    4. 4
      Steven P.
      72
    5. 5
      FloatingFatMan
      68
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!