Lucene search
HistorySep 19, 2012 - 7:55 p.m.
CVE-2012-5002
cve-2012-5002
buffer overflow
sr10 ftp server
remote code execution
security vulnerability
nvd
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
High
0.614 Medium
EPSS
Percentile
97.8%
Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command.
Affected configurations
Node
ricohdl-10Match4.5.0.1
ORricohsr10_ftp_serverMatch1.1.0.6
| CPE | Name | Operator | Version |
|---|---|---|---|
| ricoh:dl-10 | ricoh dl-10 | eq | 4.5.0.1 |
| ricoh:sr10_ftp_server | ricoh sr10 ftp server | eq | 1.1.0.6 |
Related
nvd
nvd
CVE-2012-5002
2012-09-19 19:55:09
cvelist
cvelist
CVE-2012-5002
2012-09-19 19:00:00
prion
prion
Stack overflow
2012-09-19 19:55:00
openvas
openvas
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.3 High
AI Score
Confidence
High
0.614 Medium
EPSS
Percentile
97.8%
Related for CVE-2012-5002