CVE-2010-2590
SAP Crystal Reports - Memory Corruption
Title source: ruleDescription
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute arbitrary code via a long ServerResourceVersion property value.
Exploits (3)
metasploit
WORKING POC
NORMAL
by Dmitriy Pletnev, Dr_IDE, juan vazquez · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/crystal_reports_printcontrol.rb
exploitdb
WORKING POC
VERIFIED
by Dr_IDE · htmlremotewindows
https://www.exploit-db.com/exploits/15733
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/23472
References (9)
Scores
EPSS
0.7897
EPSS Percentile
99.0%
Classification
CWE
CWE-119
Status
draft
Affected Products (1)
sap/crystal_reports
Timeline
Published
Dec 22, 2010
Tracked Since
Feb 18, 2026