Vulnerability Details : CVE-2012-2289
EMC ApplicationXtender Desktop before 6.5 SP2 and ApplicationXtender Web Access .NET before 6.5 SP2 allow remote attackers to upload files to any location, and possibly execute arbitrary code, via unspecified vectors.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2012-2289
Probability of exploitation activity in the next 30 days: 5.28%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 92 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-2289
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2012-2289
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2012-2289
-
http://archives.neohapsis.com/archives/bugtraq/2012-08/0168.html
-
http://www.securitytracker.com/id?1027442
EMC ApplicationXtender Lets Remote Users Upload Files to Execute Arbitrary Code - SecurityTracker
Products affected by CVE-2012-2289
- cpe:2.3:a:emc:applicationxtender_desktop:*:*:*:*:*:*:*:*
- cpe:2.3:a:emc:applicationxtender_web_access_.net:*:*:*:*:*:*:*:*