CVE-2012-2532
Published Nov 14, 2012
Last updated 4 years ago
Overview
- Description
- Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) processes unspecified commands before TLS is enabled for a session, which allows remote attackers to obtain sensitive information by reading the replies to these commands, aka "FTP Command Injection Vulnerability."
- Source
- secure@microsoft.com
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ftp_service:7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8771A0C8-D025-4276-ABFE-D20142424B49"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*",
"vulnerable": false,
"matchCriteriaId": "CB32349F-815C-4715-8BC7-DFAC8B13D738"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "F8216946-5F76-48B9-91CC-207F657D7D3C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "0161C884-70A5-4AD0-BD80-F0F7B3D8579E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:ftp_service:7.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC3C0BE9-A392-4655-8035-670DD9DAE6A0"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "FE52F111-C761-4011-9AC4-8B9C0E9357D9"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "7FE8B00B-4F39-4755-A323-8AD71F5E3EBE"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x32:*",
"vulnerable": false,
"matchCriteriaId": "CB32349F-815C-4715-8BC7-DFAC8B13D738"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:*:sp2:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "F8216946-5F76-48B9-91CC-207F657D7D3C"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "B7674920-AE12-4A25-BE57-34AEDDA74D76"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:itanium:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FFD7C2AE-CC44-4679-8558-15362B8E3922"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:itanium:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9AFAE529-A356-4526-8487-D6CA37696219"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:*:sp2:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "0161C884-70A5-4AD0-BD80-F0F7B3D8579E"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BF1AD1A1-EE20-4BCE-9EE6-84B27139811C"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E33796DB-4523-4F04-B564-ADF030553D51"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "FE52F111-C761-4011-9AC4-8B9C0E9357D9"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "C2B1C231-DE19-4B8F-A4AA-5B3A65276E46"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "7FE8B00B-4F39-4755-A323-8AD71F5E3EBE"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "B7674920-AE12-4A25-BE57-34AEDDA74D76"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:*:*:*:itanium:*:*:*",
"vulnerable": false,
"matchCriteriaId": "FFD7C2AE-CC44-4679-8558-15362B8E3922"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*",
"vulnerable": false,
"matchCriteriaId": "AF07A81D-12E5-4B1D-BFF9-C8D08C32FF4F"
},
{
"criteria": "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:itanium:*:*:*",
"vulnerable": false,
"matchCriteriaId": "9AFAE529-A356-4526-8487-D6CA37696219"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]