Vulnerabilities > CVE-2012-2428 - Numeric Errors vulnerability in Xarrow

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
xarrow
CWE-189
critical

Summary

Integer overflow in the server in xArrow before 3.4.1 allows remote attackers to execute arbitrary code via a crafted packet that triggers an out-of-bounds read operation.

Vulnerable Configurations

Part Description Count
Application
Xarrow
1

Common Weakness Enumeration (CWE)