PT-2012-4030 · Microsoft+1 · Internet Explorer+1

Derek Soeder

Publicado

2012-04-25

Atualizado

2021-07-23

CVE-2012-2419

CVSS v2.0

1.8

Baixa

Vetor

AV:A/AC:H/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Intuit QuickBooks versions 2009 through 2012

Description A memory leak issue exists in the intu-help-qb handlers within HelpAsyncPluggableProtocol.dll. This occurs when Internet Explorer is used and a URI contains multiple references to the same name-value pair, allowing remote attackers to cause a denial of service due to memory consumption.

Recommendations For Intuit QuickBooks versions 2009 through 2012, consider restricting the use of Internet Explorer or avoiding URIs with multiple references to the same name-value pair until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-399

Identificadores relacionados

CVE-2012-2419

Produtos afetados

Internet Explorer

Intuit Quickbooks

PT-2012-4030 · Microsoft+1 · Internet Explorer+1

CVE-2012-2419

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4