Vulnerability Details CVE-2012-5002
Stack-based buffer overflow in SR10 FTP server (SR10.exe) 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.341
EPSS Ranking 96.8%
CVSS Severity
CVSS v2 Score 6.8
References
- http://secunia.com/advisories/47912
- http://security.inshell.net/advisory/5
- http://www.osvdb.org/79691
- http://www.securityfocus.com/bid/52235
- https://exchange.xforce.ibmcloud.com/vulnerabilities/73591
- http://secunia.com/advisories/47912
- http://security.inshell.net/advisory/5
- http://www.osvdb.org/79691
- http://www.securityfocus.com/bid/52235
- https://exchange.xforce.ibmcloud.com/vulnerabilities/73591
Products affected by CVE-2012-5002
-
cpe:2.3:a:ricoh:dl-10:4.5.0.1
-
cpe:2.3:h:ricoh:sr10_ftp_server:1.1.0.6