CVE-2012-2532

Published Nov 14, 2012

Last updated 3 months ago

CVSS info 5.0

Overview

Description: Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka "FTP Command Injection Vulnerability."
Source: secure@microsoft.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:ftp_service:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8771A0C8-D025-4276-ABFE-D20142424B49"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*",
            "vulnerable": false,
            "matchCriteriaId": "CB32349F-815C-4715-8BC7-DFAC8B13D738"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "F8216946-5F76-48B9-91CC-207F657D7D3C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "0161C884-70A5-4AD0-BD80-F0F7B3D8579E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:microsoft:ftp_service:7.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC3C0BE9-A392-4655-8035-670DD9DAE6A0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "FE52F111-C761-4011-9AC4-8B9C0E9357D9"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "7FE8B00B-4F39-4755-A323-8AD71F5E3EBE"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*",
            "vulnerable": false,
            "matchCriteriaId": "CB32349F-815C-4715-8BC7-DFAC8B13D738"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "F8216946-5F76-48B9-91CC-207F657D7D3C"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "B7674920-AE12-4A25-BE57-34AEDDA74D76"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:itanium:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FFD7C2AE-CC44-4679-8558-15362B8E3922"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:itanium:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9AFAE529-A356-4526-8487-D6CA37696219"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "0161C884-70A5-4AD0-BD80-F0F7B3D8579E"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "FE52F111-C761-4011-9AC4-8B9C0E9357D9"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "7FE8B00B-4F39-4755-A323-8AD71F5E3EBE"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "B7674920-AE12-4A25-BE57-34AEDDA74D76"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:itanium:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FFD7C2AE-CC44-4679-8558-15362B8E3922"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
            "vulnerable": false,
            "matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
          },
          {
            "criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:itanium:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9AFAE529-A356-4526-8487-D6CA37696219"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References