Business Objects Crystal Reports Predictable Session Identifiers Session Hijacking Vulnerability

Bugtraq ID: 21350
Class: Design Error
CVE: CVE-2006-4099
Remote: Yes
Local: No
Published: Nov 29 2006 12:00AM
Updated: Nov 30 2006 04:09AM
Credit: LB Jennings, M Ruks, and HMG Grobbelaar of MWR Infosecurity are credited with the discovery of this vulnerability.
Vulnerable: Business Objects Crystal Enterprise 10.0
Business Objects Crystal Enterprise 9.0
Not Vulnerable: Business Objects BusinessObjects Enterprise XI 0
Business Objects Business Objects Enterprise XIr2


Privacy Statement
Copyright 2010, SecurityFocus