Lucene search

MitreCVE-2012-4864

HistorySep 06, 2012 - 5:55 p.m.

CVE-2012-4864

2012-09-0617:55:01

CWE-94

mitre

web.nvd.nist.gov

cve-2012-4864

oreans winlicense

denial of service

memory corruption

crash

arbitrary code execution

xml file

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.207

Percentile

96.5%

JSON

Oreans WinLicense 2.1.8.0 allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via a crafted xml file.

Affected configurations

Nvd

Node

oreanswinlicenseMatch2.1.8.0

VendorProductVersionCPE
oreanswinlicense2.1.8.0cpe:2.3:a:oreans:winlicense:2.1.8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oreans	winlicense	2.1.8.0	cpe:2.3:a:oreans:winlicense:2.1.8.0:::::::*

References

packetstormsecurity.org/files/111034

www.exploit-db.com/exploits/18637

www.securityfocus.com/bid/52650

www.zeroscience.mk/en/vulnerabilities/ZSL-2012-5080.php

exchange.xforce.ibmcloud.com/vulnerabilities/74170

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.207

Percentile

96.5%

JSON

Related for CVE-2012-4864