Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-2418
HistoryApr 25, 2012 - 8:55 p.m.

CVE-2012-2418

2012-04-2520:55:01
CWE-119
[email protected]
web.nvd.nist.gov
18
cve
2012
2418
buffer overflow
intuit
quickbooks
remote attack
denial of service
memory corruption
arbitrary code
uri
vulnerability

6.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:C/I:C/A:C

8.6 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.5%

JSON

Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a URI with a % (percent) character as its (1) last or (2) second-to-last character.

Affected configurations

NVD
Node
intuitquickbooksMatch2009
OR
intuitquickbooksMatch2010
OR
intuitquickbooksMatch2011
OR
intuitquickbooksMatch2012
AND
microsoftinternet_explorer

Related

prion 1
cvelist 1
nvd 1
nessus 1
prion
prion
Heap overflow
2012-04-25 20:55:00
cvelist
cvelist
CVE-2012-2418
2012-04-25 20:00:00
nvd
nvd
CVE-2012-2418
2012-04-25 20:55:01
nessus
nessus
Intuit QuickBooks Help System Multiple Vulnerabilities
2012-04-24 00:00:00

6.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:H/Au:N/C:C/I:C/A:C

8.6 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.5%

JSON
Related for CVE-2012-2418
prion1cvelist1nvd1nessus1