Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-0201

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-0201
Last Modified 02 Mar 2012 12:00:00
Published 02 Mar 2012 06:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-0201

Summary

Stack-based buffer overflow in pcspref.dll in pcsws.exe in IBM Personal Communications 5.9.x before 5.9.8 and 6.0.x before 6.0.4 might allow remote attackers to execute arbitrary code via a long profile string in a WorkStation (aka .ws) file.

Vulnerable Systems

Application

  • Ibm Personal Communications 5.9.7.0

  • Ibm Personal Communications 5.9.7.1

  • Ibm Personal Communications 6.0.3.0


References

XF - pcom-pcspref-bo(73127)

MISC - http://www.stratsec.net/Research/Advisories/IBM-Personal-Communications-I-Series-Access-WorkSt

MISC - http://www.metasploit.com/modules/exploit/windows/fileformat/ibm_pcm_ws

EXPLOIT-DB - 18539

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21586166

AIXAPAR - IC81539

MISC - http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/fileformat/ibm_pcm_ws.rb


Last Updated: 27 May 2016 10:57:26