Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2012-4957

Published: 18/11/2012 Updated: 19/11/2012
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 785
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N
Subscribe to Novell

Vulnerability Summary

Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote malicious users to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record.

Vulnerable Product Search on Vulmon Subscribe to Product

novell file reporter 1.0.2

Exploits

Exploit DB: Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution
# wwwwabyssseccom # Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability (0day) # CVE-2012-4959 # @abysssec # well just one more of our 0day got published after ~2 year # here is info : communityrapid7com/community/metasploit/blog/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959 # and here is our exploit ...

References

CWE-22https://community.rapid7.com/community/metasploit/blog/2012/11/16/nfr-agent-buffer-vulnerabilites-cve-2012-4959http://www.kb.cert.org/vuls/id/273371https://nvd.nist.govhttps://www.exploit-db.com/exploits/23323/https://www.kb.cert.org/vuls/id/273371
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991CVE-2024-32674path traversalCVE-2023-21987denial of servicedosCVE-2024-4647CVE-2024-25519CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook