Lucene search

MitreCVE-2012-6553

HistoryMay 23, 2013 - 3:55 p.m.

CVE-2012-6553

2013-05-2315:55:01

CWE-119

mitre

web.nvd.nist.gov

cve-2012-6553

buffer overflow

resource hacker

security vulnerability

remote code execution

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.3

Confidence

High

EPSS

0.094

Percentile

94.8%

JSON

Heap-based buffer overflow in Resource Hacker 3.6.0.92 allows remote attackers to execute arbitrary code via a Portable Executable (PE) file with a resource section containing a string that has many tab or line feed characters.

Affected configurations

Nvd

Node

angusjresource_hackerMatch3.6.0.92

VendorProductVersionCPE
angusjresource_hacker3.6.0.92cpe:2.3:a:angusj:resource_hacker:3.6.0.92:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
angusj	resource_hacker	3.6.0.92	cpe:2.3:a:angusj:resource_hacker:3.6.0.92:::::::*

References

secunia.com/advisories/49217

waleedassar.blogspot.com/2012/05/resource-hacker-heap-overflow.html

www.securityfocus.com/bid/53608

exchange.xforce.ibmcloud.com/vulnerabilities/75738

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.3

Confidence

High

EPSS

0.094

Percentile

94.8%

JSON

Related for CVE-2012-6553