NVD

Id
44228  
Name
CVE-2012-2418  
Description
Heap-based buffer overflow in the intu-help-qb (aka Intuit Help System Async Pluggable Protocol) handlers in HelpAsyncPluggableProtocol.dll in Intuit QuickBooks 2009 through 2012, when Internet Explorer is used, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a URI with a % (percent) character as its (1) last or (2) second-to-last character.  
Reject
 
CVSS Version
2  
CVSS Score
6.8  
Severity
Medium  
CVSS Base Score
6.8  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
3.2  
CVSS Vector
(AV:A/AC:H/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2012-04-25  
Modified Date
2012-11-06  
Seq
2012-2418  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
222129 44228 CVE-2012-2418 VU#232979  View
222130 44228 CVE-2012-2418 20120330 Intuit Help System Protocol URL Heap Corruption and Memory Leak  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
26452 JVNDB-2012-002159 Intuit QuickBooks の intu-help-qb ハンドラにおけるヒープベースのバッファオーバーフローの脆弱性 Intuit QuickBooks の HelpAsyncPluggableProtocol.dll 内の intu-help-qb ハンドラには、Internet Explorer が使用される場合、ヒープベースのバッファオーバーフローの脆弱性が存在します。 CVE-2012-2418 55656 CVE-2012-2418 44228 6.8 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002159.html 2012-04-25 2012-04-27 View