CVE-2012-2290

EPSS 4.68%
Veröffentlicht 18.10.2012 17:55:01
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle security_alert@emc.com
CVE-Watchlists
Login
Unerledigt
Login

The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted message over a TCP communication channel.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Emc ≫ Networker Module For Microsoft Applications Version2.2.1

Emc ≫ Networker Module For Microsoft Applications Version2.3

Emc ≫ Networker Module For Microsoft Applications Version2.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	4.68%	0.883

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html

http://secunia.com/advisories/50957

http://www.securityfocus.com/bid/55883

http://www.securitytracker.com/id?1027647

http://osvdb.org/86158

https://nvd.nist.gov/vuln/detail/CVE-2012-2290

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-2290

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-2290

EUVD