<< Back
CVE Number Vulnerability Product Severity Date
MS07-052 Vulnerability in Crystal Reports for Visual Studio Could Allow Remote Code Execution (941522) Microsoft Visual Critical 12-09-2007

Technical Information

Brief overview of the risk:
A remote code execution vulnerability exists in the way Crystal Reports for Visual Studio handles malformed RPT files. An attacker could exploit the vulnerability by sending an affected user a malformed RPT file as an e-mail attachment, or hosting the file on a malicious or compromised Web site.
Detailed Information on the risk:
An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.Further information on this exploit is available at : MS07-052

Affected Software

Microsoft Visual Studio .NET 2002 Service Pack 1
Microsoft Visual Studio .NET 2003
Microsoft Visual Studio .NET 2003 Service Pack 1
Microsoft Visual Studio 2005
Microsoft Visual Studio 2005 Service Pack 1