Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-6133

CWE-119Buffer Overflow4 documents4 sources
Severity
7.6HIGH
EPSS
71.9%
top 1.25%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Visual Studio .net
Timeline
PublishedNov 28
Latest updateMay 1

Description

Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote attackers to execute arbitrary code via a crafted RPT file.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/visual_studio_.net2002, 2003, 2005+2

🔴Vulnerability Details

2
GHSA
GHSA-j25h-8cx4-j53h: Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio2022-05-01
CVEList
CVE-2006-6133: Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio2006-11-28

💥Exploits & PoCs

1
Exploit-DB
Business Objects Crystal Reports XI Professional - File Handling Buffer Overflow2006-11-23
CVE-2006-6133 (HIGH CVSS 7.6) | Stack-based buffer overflow in Visu | cvebase.io