Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4924

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2012-4924
Last Modified 18 Sep 2012 12:00:00
Published 15 Sep 2012 01:55:07
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-4924

Summary

Buffer overflow in the CxDbgPrint function in the ipswcom.dll ActiveX component 1.0.0.1 for ASUS Net4Switch 1.0.0020 allows remote attackers to execute arbitrary code via a long parameter to the Alert method.

Vulnerable Systems

Application

  • Asus Ipswcom Activex Component 1.0.0.1

  • Asus Net4switch 1.0.0020


References

XF - net4switch-activex-bo(73384)

BID - 52110

EXPLOIT-DB - 18538

SECUNIA - 48125

OSVDB - 79438

MISC - http://dsecrg.com/pages/vul/show.php?id=417


Last Updated: 27 May 2016 11:00:42