CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-3811

Unrestricted file upload vulnerability in ImageUpload.ashx in the Wallboard application in Avaya IP Office Customer Call Reporter 7.0 before 7.0.5.8 Q1 2012 Maintenance Release and 8.0 before 8.0.9.13 Q1 2012 Maintenance Release allows remote attackers to execute arbitrary code by uploading an executable file and then accessing it via a direct request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.774

EPSS Ranking 98.9%

CVSS Severity

CVSS v2 Score 10.0

References

http://zerodayinitiative.com/advisories/ZDI-12-106/
https://downloads.avaya.com/css/P8/documents/100164021
http://zerodayinitiative.com/advisories/ZDI-12-106/
https://downloads.avaya.com/css/P8/documents/100164021

Products affected by CVE-2012-3811

Avaya » Ip Office Customer Call Reporter » Version: 7.0

cpe:2.3:a:avaya:ip_office_customer_call_reporter:7.0
Avaya » Ip Office Customer Call Reporter » Version: 8.0

cpe:2.3:a:avaya:ip_office_customer_call_reporter:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3811

Products

Pricing

Contact Us