CVE-2008-0379 Information

Description

Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method which triggers a buffer overflow.

Reference

http://www.securityfocus.com/bid/27333 http://www.securitytracker.com/id?1019239 https://exchange.xforce.ibmcloud.com/vulnerabilities/39743 https://www.exploit-db.com/exploits/4931