Lucene search
MicrosoftCVE-2012-2532HistoryNov 14, 2012 - 12:55 a.m.
CVE-2012-2532
2012-11-1400:55:01
CWE-200
microsoft
web.nvd.nist.gov
336
microsoft
ftp service
internet information services
iis
vulnerability
ftp command injection
cve-2012-2532
nvd
security
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0.003
Percentile
71.3%
Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka βFTP Command Injection Vulnerability.β
Affected configurations
Node
microsoftftp_serviceMatch7.0
microsoftwindows_server_2008sp2x32
ORmicrosoftwindows_server_2008sp2x64
ORmicrosoftwindows_vistasp2x64
ORmicrosoftwindows_vistaMatch-sp2
Node
microsoftftp_serviceMatch7.5
microsoftwindows_7Match-
ORmicrosoftwindows_7Match-x64
ORmicrosoftwindows_7Match-sp1
ORmicrosoftwindows_7Match-sp1x64
ORmicrosoftwindows_server_2008sp2x32
ORmicrosoftwindows_server_2008sp2x64
ORmicrosoftwindows_server_2008Matchr2x64
ORmicrosoftwindows_server_2008Matchr2itanium
ORmicrosoftwindows_server_2008Matchr2sp1x64
ORmicrosoftwindows_server_2008Matchr2sp1itanium
ORmicrosoftwindows_vistasp2x64
ORmicrosoftwindows_vistaMatch-sp2
Node
microsoftwindows_7Match-
ORmicrosoftwindows_7Match-x64
ORmicrosoftwindows_7Match-sp1
ORmicrosoftwindows_7Match-sp1x64
ORmicrosoftwindows_server_2008Matchr2x64
ORmicrosoftwindows_server_2008Matchr2itanium
ORmicrosoftwindows_server_2008Matchr2sp1x64
ORmicrosoftwindows_server_2008Matchr2sp1itanium
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | ftp_service | 7.0 | cpe:2.3:a:microsoft:ftp_service:7.0:*:*:*:*:*:*:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:* |
| microsoft | windows_server_2008 | * | cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:* |
| microsoft | windows_vista | * | cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:* |
| microsoft | windows_vista | - | cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:* |
| microsoft | ftp_service | 7.5 | cpe:2.3:a:microsoft:ftp_service:7.5:*:*:*:*:*:*:* |
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:* |
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:x64:* |
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* |
| microsoft | windows_7 | - | cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:* |
Related
nvd
nvd
CVE-2012-2532
2012-11-14 00:55:01
nessus
nessus
cvelist
cvelist
CVE-2012-2532
2012-11-14 00:00:00
symantec
symantec
seebug
seebug
Microsoft IIS FTPζε‘θΏη¨ε½δ»€ζ³¨ε
₯ζΌζ΄οΌMS12-073)
2012-11-19 00:00:00
prion
prion
Command injection
2012-11-14 00:55:00
openvas
openvas
securityvulns
securityvulns
Microsoft Internet Information Services security vulnerabilities
2012-11-18 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0.003
Percentile
71.3%
Related for CVE-2012-2532