Vulnerability Details CVE-2012-0915
Integer signedness error in RenRen Talk 2.9 allows remote attackers to execute arbitrary code via crafted dimensions of a skin file, leading to a heap-based buffer overflow, as demonstrated using a BMP image.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.08
EPSS Ranking 91.8%
CVSS Severity
CVSS v2 Score 9.3
References
Products affected by CVE-2012-0915
-
cpe:2.3:a:renren:renren_talk:2.9