CVE-2012-4992

Multiple buffer overflows in FlashFXP.exe in FlashFXP 4.2 allow remote authenticated users to execute arbitrary code via a long unicode string to (1) TListbox or (2) TComboBox.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 97%
VendorProductVersion
flashfxpflashfxp
4.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://archives.neohapsis.com/archives/bugtraq/2012-03/0002.html
http://osvdb.org/79767
http://seclists.org/fulldisclosure/2012/Mar/7
http://www.exploit-db.com/exploits/18555
http://www.flashfxp.com/forum/news/15473-flashfxp-4-2-released.html#post81101
http://www.securityfocus.com/bid/52259
http://www.vulnerability-lab.com/get_content.php?id=462
https://exchange.xforce.ibmcloud.com/vulnerabilities/73626
http://archives.neohapsis.com/archives/bugtraq/2012-03/0002.html
http://osvdb.org/79767
http://seclists.org/fulldisclosure/2012/Mar/7
http://www.exploit-db.com/exploits/18555
http://www.flashfxp.com/forum/news/15473-flashfxp-4-2-released.html#post81101
http://www.securityfocus.com/bid/52259
http://www.vulnerability-lab.com/get_content.php?id=462
https://exchange.xforce.ibmcloud.com/vulnerabilities/73626