Intuit QuickBooks 2009 through 2012 might allow remote attackers to obtain pathname information via the qbwc://docontrol/GetCompanyFile functionality.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/232979 | US Government Resource |
http://www.securityfocus.com/archive/1/522139 | Exploit |
https://exchange.xforce.ibmcloud.com/vulnerabilities/75173 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2012-04-25 13:55
Updated : 2017-12-18 18:29
NVD link : CVE-2012-2422
Mitre link : CVE-2012-2422
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
intuit
- quickbooks