CVE-2012-0273

EPSS 4.27%
Veröffentlicht 20.06.2014 14:55:05
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle PSIRT-CNA@flexerasoftware.com
CVE-Watchlists
Login
Unerledigt
Login

Multiple stack-based buffer overflows in MinaliC 2.0.0 allow remote attackers to execute arbitrary code via a (1) session_id cookie in a request to the get_cookie_value function in response.c, (2) directory name in a request to the add_default_file function in response.c, or (3) file name in a request to the retrieve_physical_file_name_or_brows function in response.c.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Hans Alshoff ≫ Minalic Version2.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.27%	0.877

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/45462

http://secunia.com/secunia_research/2012-5

http://www.securityfocus.com/bid/52873

https://exchange.xforce.ibmcloud.com/vulnerabilities/74651

https://exchange.xforce.ibmcloud.com/vulnerabilities/74652

https://exchange.xforce.ibmcloud.com/vulnerabilities/74653

https://nvd.nist.gov/vuln/detail/CVE-2012-0273

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-0273

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-0273

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2012-0273