Lucene search

[email protected]NVD:CVE-2012-3572

HistorySep 11, 2012 - 7:55 p.m.

CVE-2012-3572

2012-09-1119:55:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.2

Confidence

High

EPSS

0.002

Percentile

60.6%

JSON

Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and MyMesyuarat 09b-1, does not properly verify uploaded documents, which allows remote authenticated users to execute arbitrary PHP code via a crafted document.

Affected configurations

Nvd

Node

nurul_hidayah_hamazulanmymesyuaratMatch09b-1

osccmymeetingRange≤3.0.1

VendorProductVersionCPE
nurul_hidayah_hamazulanmymesyuarat09b-1cpe:2.3:a:nurul_hidayah_hamazulan:mymesyuarat:09b-1:*:*:*:*:*:*:*
osccmymeeting*cpe:2.3:a:oscc:mymeeting:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nurul_hidayah_hamazulan	mymesyuarat	09b-1	cpe:2.3:a:nurul_hidayah_hamazulan:mymesyuarat:09b-1:::::::*
oscc	mymeeting	*	cpe:2.3:a:oscc:mymeeting::::::::

References

sourceforge.net/projects/mymesyuarat/files/mymesyuarat/mymesyuarat%20ver0.9b-2.zip/download

www.mycert.org.my/en/services/advisories/mycert/2012/main/detail/904/index.html

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.2

Confidence

High

EPSS

0.002

Percentile

60.6%

JSON

Related for NVD:CVE-2012-3572

cve1 prion1 cvelist1