Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title Multiple vulnerabilities in Intuit QuickBooks
Informations
Name VU#232979 First vendor Publication 2012-04-02
Vendor VU-CERT Last vendor Modification 2012-05-21
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:H/Au:N/C:C/I:C/A:C)
Cvss Base Score 6.8 Attack Range Adjacent network
Cvss Impact Score 10 Attack Complexity High
Cvss Expoit Score 3.2 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#232979

Multiple vulnerabilities in Intuit QuickBooks

Original Release date: 02 Apr 2012 | Last revised: 21 May 2012

Overview

Intuit QuickBooks 2009 through 2012 have been reported to contain a file disclosure and heap corruption vulnerability.

Description

Derek Soeder's vulnerability report states the following:

    Intuit Help System Protocol File Retrieval
    The vulnerability described in this document can be exploited by malicious HTML and Javascript to retrieve a file from a ZIP archive to which the user viewing the HTML has local or network file system access. The attacker must know or guess the path and file name of the target ZIP archive and the target file it contains. A further significant limitation is that files in subdirectories inside of ZIP archives have proven inaccessible, based on a sampling of Windows ZIPs, Microsoft Office 2007 documents, JARs, and APKs.

    Intuit Help System Protocol URL Heap Corruption and Memory Leak
    The vulnerability described in this document can potentially be exploited by malicious HTML and/or Javascript to execute arbitrary code as the user viewing the malicious content.

Additional details may be found in the full advisories linked above.

Impact

An attacker may be able to retrieve sensitive files or run arbitrary code.

Solution

QuickBooks 2008 through 2012 will automatically update to address this vulnerability. If you are unable to apply the latest updates, please consider the following workaround.

Disable the Intuit Help System protocol

Delete, rename, or restrict read access to the registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\[Wow6432Node]\Classes\PROTOCOLS\Handler\intu-help-qb#

Where '#' is a digit from 1 to 5, or delete, rename, or restrict execute access to the "HelpAsyncPluggableProtocol.dll" file in the QuickBooks installation directory, and then restart Internet Explorer and any application that uses it as an embedded Web browser. Note that disabling the protocol will prevent QuickBooks from displaying help pages.

Vendor Information

VendorStatusDate NotifiedDate Updated
Intuit, Inc.Affected23 Mar 201221 May 2012

CVSS Metrics (Learn More)

GroupScoreVector
Base5.0AV:A/AC:--/Au:N/C:C/I:C/A:P
Temporal3.6E:U/RL:W/RC:UC
Environmental3.6CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND

References

  • http://www.securityfocus.com/archive/1/522138
  • http://www.securityfocus.com/archive/1/522139
  • http://security.intuit.com/alert.php?a=43

Credit

Thanks to Derek Soeder for reporting this vulnerability.

This document was written by Jared Allar.

Other Information

  • CVE IDs:Unknown
  • Date Public:30 Mar 2012
  • Date First Published:02 Apr 2012
  • Date Last Updated:21 May 2012
  • Document Revision:16

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.


This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify

Original Source

Url : http://www.kb.cert.org/vuls/id/232979

CWE : Common Weakness Enumeration

% Id Name
43 % CWE-200 Information Exposure
14 % CWE-399 Resource Management Errors
14 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
14 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)
14 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 4

Nessus® Vulnerability Scanner

Date Description
2012-04-24 Name : Business accounting software installed on the remote Windows host has multipl...
File : quickbooks_help_multiple.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 12:07:38
  • Multiple Updates