Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-6530

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2012-6530
Last Modified 31 Jan 2013 12:00:00
Published 31 Jan 2013 12:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity HIGH
Authentication SINGLE_INSTANCE

CVE-2012-6530

Summary

Stack-based buffer overflow in Sysax Multi Server before 5.52, when HTTP is enabled, allows remote authenticated users with the create folder permission to execute arbitrary code via a crafted request.

Vulnerable Systems

Application

  • Sysax Multi Server 4.3

  • Sysax Multi Server 4.5

  • Sysax Multi Server 5.50


References

BID - 51548

MISC - http://www.pwnag3.com/2012/01/sysax-multi-server-550-exploit.html

EXPLOIT-DB - 18420

EXPLOIT-DB - 18382


Last Updated: 27 May 2016 11:01:45