CVE-2012-5897

The (1) SimpleTree and (2) ReportTree classes in the ARDoc ActiveX control (ARDoc.dll) in Quest InTrust 10.4.0.853 and earlier do not properly implement the SaveToFile method, which allows remote attackers to write or overwrite arbitrary files via the bstrFileName argument.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2012-03/0155.html	Exploit
http://www.securityfocus.com/bid/52773	Exploit
http://www.exploit-db.com/exploits/18672	Exploit
http://secunia.com/advisories/48566	Vendor Advisory
http://osvdb.org/80664
https://exchange.xforce.ibmcloud.com/vulnerabilities/74442

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:quest:intrust:10.1:::::::*
	cpe:2.3:a:quest:intrust::::::::
	cpe:2.3:a:quest:intrust:10.4:::::::*
	cpe:2.3:a:quest:intrust:10.3:::::::*
	cpe:2.3:a:quest:intrust:10.2.5:::::::*

Information

Published : 2012-11-17 13:55

Updated : 2017-09-01 18:29

NVD link : CVE-2012-5897

Mitre link : CVE-2012-5897

JSON object : View

CWE

CWE-264

Permissions, Privileges, and Access Controls

Advertisement

Products Affected

quest

intrust

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2012-03/0155.html", "name": "20120328 Quest InTrust 10.4.x ReportTree and SimpleTree Classes ArDoc.dll ActiveX Control Remote File Creation / Overwrite Vulnerability", "tags": ["Exploit"], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/bid/52773", "name": "52773", "tags": ["Exploit"], "refsource": "BID"}, {"url": "http://www.exploit-db.com/exploits/18672", "name": "18672", "tags": ["Exploit"], "refsource": "EXPLOIT-DB"}, {"url": "http://secunia.com/advisories/48566", "name": "48566", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://osvdb.org/80664", "name": "80664", "tags": [], "refsource": "OSVDB"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74442", "name": "intrust-ardoc-file-overwrite(74442)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The (1) SimpleTree and (2) ReportTree classes in the ARDoc ActiveX control (ARDoc.dll) in Quest InTrust 10.4.0.853 and earlier do not properly implement the SaveToFile method, which allows remote attackers to write or overwrite arbitrary files via the bstrFileName argument."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-264"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-5897", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2012-11-17T21:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:quest:intrust:10.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:quest:intrust:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "10.4.0.853"}, {"cpe23Uri": "cpe:2.3:a:quest:intrust:10.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:quest:intrust:10.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:quest:intrust:10.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-09-02T01:29Z"}