Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5002

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-5002
Last Modified 20 Sep 2012 12:54:34
Published 19 Sep 2012 03:55:09
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-5002

Summary

Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command.

Vulnerable Systems

Application

  • Ricoh Dl-10 4.5.0.1


References

XF - ricoh-user-bo(73591)

BID - 52235

OSVDB - 79691

MISC - http://security.inshell.net/advisory/5

SECUNIA - 47912


Last Updated: 27 May 2016 11:00:46