Lucene search

K
cve[email protected]CVE-2012-1528
HistoryNov 14, 2012 - 12:55 a.m.

CVE-2012-1528

2012-11-1400:55:01
CWE-189
web.nvd.nist.gov
98
cve-2012-1528
windows
shell
integer overflow
vulnerability
microsoft
nvd
security
windows xp
windows server

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.968 High

EPSS

Percentile

99.7%

Integer overflow in Windows Shell in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted briefcase, aka “Windows Briefcase Integer Overflow Vulnerability.”

Affected configurations

NVD
Node
microsoftwindows_7x64
OR
microsoftwindows_7x86
OR
microsoftwindows_7sp1x64
OR
microsoftwindows_7sp1x86
OR
microsoftwindows_8Match--x64
OR
microsoftwindows_8Match--x86
OR
microsoftwindows_server_2003sp2
OR
microsoftwindows_server_2008r2x64
OR
microsoftwindows_server_2008sp2x64
OR
microsoftwindows_server_2008sp2x86
OR
microsoftwindows_server_2012Match-
OR
microsoftwindows_vistasp2
OR
microsoftwindows_xpsp3
OR
microsoftwindows_xpMatch-sp2x64

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.968 High

EPSS

Percentile

99.7%