Lucene search

MitreCVE-2012-4728

HistoryJun 05, 2014 - 8:55 p.m.

CVE-2012-4728

2014-06-0520:55:03

mitre

web.nvd.nist.gov

cve-2012-4728

qpw160.dll

denial of service

null pointer dereference

crash

remote attack

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.009

Percentile

82.6%

JSON

The (1) QProGetNotebookWindowHandle and (2) Ordinal132 functions in QPW160.dll in Corel Quattro Pro X6 Standard Edition 16.0.0.388 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted QPW file.

Affected configurations

Nvd

Node

corelquattro_pro_x6Range≤16.0.0.388standard

VendorProductVersionCPE
corelquattro_pro_x6*cpe:2.3:a:corel:quattro_pro_x6:*:*:*:*:standard:*:*:*

Vendor	Product	Version	CPE
corel	quattro_pro_x6	*	cpe:2.3:a:corel:quattro_pro_x6:::::standard:::*

References

archives.neohapsis.com/archives/bugtraq/2013-03/0048.html

osvdb.org/91039

osvdb.org/91040

packetstormsecurity.com/files/120713/Corel-Quattro-Pro-X6-Standard-Edition-NULL-Pointer-Dereference.html

www.securityfocus.com/bid/58386

exchange.xforce.ibmcloud.com/vulnerabilities/82707

www.htbridge.com/advisory/HTB23112

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.6

Confidence

High

EPSS

0.009

Percentile

82.6%

JSON

Related for CVE-2012-4728