NVD

Id
46912  
Name
CVE-2012-5896  
Description
The Annotation Objects Extension ActiveX control in AnnotateX.dll in Quest InTrust 10.4.0.853 and earlier does not properly implement the Add method, which allows remote attackers to execute arbitrary code via a memory address in the first argument, related to an "uninitialized pointer."  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-19  
Published
2012-11-17  
Modified Date
2012-11-19  
Seq
2012-5896  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
235001 46912 CVE-2012-5896 20120328 Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution  View
235002 46912 CVE-2012-5896 http://dev.metasploit.com/redmine/projects/framework/repository/entry/modules/exploits/windows/browser/intrust_annotatex_add.rb  View
235003 46912 CVE-2012-5896 http://packetstormsecurity.org/files/111312/Quest-InTrust-10.4.x-Annotation-Objects-Code-Execution.html  View
235004 46912 CVE-2012-5896 http://packetstormsecurity.org/files/111853/Quest-InTrust-Annotation-Objects-Uninitialized-Pointer.html  View
235005 46912 CVE-2012-5896 18674  View
235006 46912 CVE-2012-5896 52765  View
235007 46912 CVE-2012-5896 intrust-annotatex-code-execution(74448)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
29684 JVNDB-2012-005391 Quest InTrust の AnnotateX.dll における任意のコードを実行される脆弱性 Quest InTrust の AnnotateX.dll 内の Annotation Objects Extension ActiveX コントロールは、適切に Add メソッドを実装していないため、任意のコードを実行される脆弱性が存在します。 CVE-2012-5896 59134 CVE-2012-5896 46912 10 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005391.html 2012-11-17 2012-11-20 View