Vulnerability Details CVE-2012-4956
Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.705
EPSS Ranking 98.6%
CVSS Severity
CVSS v2 Score 10.0
References
- http://osvdb.org/87574
- http://www.kb.cert.org/vuls/id/273371
- https://community.rapid7.com/community/metasploit/blog/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959
- http://osvdb.org/87574
- http://www.kb.cert.org/vuls/id/273371
- https://community.rapid7.com/community/metasploit/blog/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959
Products affected by CVE-2012-4956
-
cpe:2.3:a:novell:file_reporter:1.0.2