CVE-2012-6275

Published Feb 24, 2013

Last updated 12 years ago

Overview

Description: Multiple stack-based buffer overflows in AntDS.exe in BigAntSoft BigAnt IM Message Server allow remote attackers to have an unspecified impact via (1) the filename header in an SCH request or (2) the userid component in a DUPF request.
Source: cret@cert.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:bigantsoft:bigant_im_message_server:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2B81ACC-15ED-4867-80CA-5C6C061FA4A6"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References