CVE-2012-2428

Published May 25, 2012

Last updated 12 years ago

Overview

Description
Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read operation.
Source
ics-cert@hq.dhs.gov
NVD status
Analyzed

Social media

Hype score
Not currently trending

Risk scores

CVSS 2.0

Type
Primary
Base score
10
Impact score
10
Exploitability score
10
Vector string
AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov
CWE-189

Configurations