Lucene search

[email protected]CVE-2012-2526

HistoryAug 15, 2012 - 1:55 a.m.

CVE-2012-2526

2012-08-1501:55:01

CWE-94

[email protected]

web.nvd.nist.gov

116

microsoft

windows

rdp

vulnerability

remote desktop protocol

security

nvd

cve-2012-2526

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.857 High

EPSS

Percentile

98.6%

JSON

The Remote Desktop Protocol (RDP) implementation in Microsoft Windows XP SP3 does not properly process packets in memory, which allows remote attackers to execute arbitrary code by sending crafted RDP packets triggering access to a deleted object, aka “Remote Desktop Protocol Vulnerability.”

Affected configurations

NVD

Node

microsoftwindows_xpsp3

CPENameOperatorVersion
microsoft:windows_xpmicrosoft windows xpeq*

CPE	Name	Operator	Version
microsoft:windows_xp	microsoft windows xp	eq	*

References

www.us-cert.gov/cas/techalerts/TA12-227A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-053

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15650

Social References

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.857 High

EPSS

Percentile

98.6%

JSON

Related for CVE-2012-2526

symantec1 openvas2 prion1 checkpoint_advisories1 nessus1 seebug1 cvelist1 nvd1 securityvulns1