Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2733594) |
Informations | |||
---|---|---|---|
Name | MS12-054 | First vendor Publication | 2012-08-14 |
Vendor | Microsoft | Last vendor Modification | 2013-07-09 |
Severity (Vendor) | Critical | Revision | 2.2 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V2.2 (July 9, 2013): Bulletin revised to announce a detection change in the Windows Vista packages for the 2705219 update to correct a Windows Update reoffering issue. This is a detection change only. Customers who have already successfully updated their systems do not need to take any action. |
Original Source
Url : http://technet.microsoft.com/en-us/security/bulletin/ms12-054 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
25 % | CWE-134 | Uncontrolled Format String (CWE/SANS Top 25) |
25 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:15079 | |||
Oval ID: | oval:org.mitre.oval:def:15079 | ||
Title: | Remote Administration Protocol Heap Overflow Vulnerability - MS12-054 | ||
Description: | Heap-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Heap Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1852 | Version: | 3 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15408 | |||
Oval ID: | oval:org.mitre.oval:def:15408 | ||
Title: | Remote Administration Protocol Stack Overflow Vulnerability - MS12-054 | ||
Description: | Stack-based buffer overflow in the Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP3 allows remote attackers to execute arbitrary code via crafted RAP response packets, aka "Remote Administration Protocol Stack Overflow Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1853 | Version: | 3 |
Platform(s): | Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15531 | |||
Oval ID: | oval:org.mitre.oval:def:15531 | ||
Title: | Print Spooler Service Format String Vulnerability - MS12-054 | ||
Description: | Format string vulnerability in the Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted response, aka "Print Spooler Service Format String Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1851 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:15669 | |||
Oval ID: | oval:org.mitre.oval:def:15669 | ||
Title: | Remote Administration Protocol Denial of Service Vulnerability - MS12-054 | ||
Description: | The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle RAP responses, which allows remote attackers to cause a denial of service (service hang) via crafted RAP packets, aka "Remote Administration Protocol Denial of Service Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2012-1850 | Version: | 5 |
Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-08-15 | Name : Microsoft Windows Networking Components Remote Code Execution Vulnerabilities... File : nvt/secpod_ms12-054.nasl |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2012-08-16 | IAVM : 2012-A-0137 - Multiple Vulnerabilities in Microsoft Windows Networking Components Severity : Category I - VMSKEY : V0033657 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-03-06 | Microsoft Windows SMB Microsoft Windows RAP API NetServerEnum2 long comment b... RuleID : 29513 - Revision : 4 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB RAP API NetServerEnum2 long comment buffer overflow att... RuleID : 24336 - Revision : 12 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow... RuleID : 24007 - Revision : 15 - Type : OS-WINDOWS |
2014-01-10 | MS-RAP NetServerEnum2 read access violation attempt RuleID : 23847 - Revision : 3 - Type : NETBIOS |
2014-01-10 | Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow... RuleID : 23839 - Revision : 20 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB NetServerEnum response host format string exploit attempt RuleID : 23838 - Revision : 11 - Type : OS-WINDOWS |
2014-01-10 | Microsoft Windows SMB host announcement format string exploit attempt RuleID : 23837 - Revision : 7 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-08-15 | Name : The remote Windows host is potentially affected by multiple code execution vu... File : smb_nt_ms12-054.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-07-22 12:05:39 |
|
2014-03-06 21:20:52 |
|
2014-02-17 11:47:24 |
|
2014-01-19 21:30:52 |
|
2013-11-11 12:41:30 |
|
2013-07-09 21:16:48 |
|