Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2012-2428
cve-2012-2428
integer overflow
xarrow
remote code execution
security vulnerability
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.8%
Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read operation.
Affected configurations
Node
xarrowxarrowRange≤3.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| xarrow:xarrow | xarrow | le | 3.4 |
Related
prion
prion
Integer overflow
2012-05-25 19:55:00
cvelist
cvelist
CVE-2012-2428
2022-10-03 16:15:36
nvd
nvd
CVE-2012-2428
2012-05-25 19:55:01
ics
ics
xArrow Multiple Vulnerabilities
2018-09-06 12:00:00
openvas
openvas
xArrow Multiple Denial of Service Vulnerabilities
2012-06-07 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
8 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.8%
Related for CVE-2012-2428