Lucene search

[email protected]CVE-2012-4924

HistorySep 15, 2012 - 5:55 p.m.

CVE-2012-4924

2012-09-1517:55:07

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-4924

buffer overflow

cxdbgprint

ipswcom.dll

activex

asus net4switch

remote code execution

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.942 High

EPSS

Percentile

99.2%

JSON

Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Alert method.

Affected configurations

NVD

Node

asusipswcom_activex_componentMatch1.0.0.1

asusnet4switchMatch1.0.0020

CPENameOperatorVersion
asus:ipswcom_activex_componentasus ipswcom activex componenteq1.0.0.1
asus:net4switchasus net4switcheq1.0.0020

CPE	Name	Operator	Version
asus:ipswcom_activex_component	asus ipswcom activex component	eq	1.0.0.1
asus:net4switch	asus net4switch	eq	1.0.0020

References

dsecrg.com/pages/vul/show.php?id=417

osvdb.org/79438

secunia.com/advisories/48125

www.exploit-db.com/exploits/18538

www.securityfocus.com/bid/52110

exchange.xforce.ibmcloud.com/vulnerabilities/73384

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.942 High

EPSS

Percentile

99.2%

JSON

Related for CVE-2012-4924

prion1 cvelist1 nvd1