Vulnerabilities > CVE-2012-6277

CVSS 9.3 - CRITICAL

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

ibm

symantec

critical

nessus

NVD

Published: 2020-02-21

Updated: 2020-03-04

Summary

Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code."

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Domino 8.5.0 IBM Domino 8.5.0.1 IBM Domino 8.5.1 IBM Domino 8.5.1.0 IBM Domino 8.5.1.1 IBM Domino 8.5.1.2 IBM Domino 8.5.1.3 IBM Domino 8.5.1.4 IBM Domino 8.5.1.5 IBM Domino 8.5.2 IBM Domino 8.5.2.0 IBM Domino 8.5.2.1 IBM Domino 8.5.2.2 IBM Domino 8.5.2.3 IBM Domino 8.5.2.4 IBM Domino 8.5.3 IBM Domino 8.5.3.0 IBM Domino 8.5.3.1 IBM Domino 8.5.3.2 IBM Domino 8.5.3.3 IBM Domino 8.5.3.4 IBM Domino 8.5.3.5 IBM Domino 8.5.3.6 IBM Notes 8.5 IBM Notes 8.5.1 IBM Notes 8.5.2 IBM Notes 8.5.3	27
Application	Symantec Symantec Data Loss Prevention Endpoint 11.0 Symantec Data Loss Prevention Enforce/Detection Servers 11.0 Symantec Mail Security 6.5.7 Symantec Mail Security - Symantec Mail Security 6.0 Symantec Mail Security 6.0.1 Symantec Mail Security 6.0.2 Symantec Mail Security 6.0.3 Symantec Mail Security 6.0.5 Symantec Mail Security 6.0.6 Symantec Mail Security 6.0.7 Symantec Mail Security 6.0.8 Symantec Mail Security 6.0.9 Symantec Mail Security 6.0.10 Symantec Mail Security 6.0.11 Symantec Mail Security 6.0.12 Symantec Mail Security 6.0.13 Symantec Mail Security 6.5 Symantec Mail Security 6.5.1 Symantec Mail Security 6.5.5 Symantec Mail Security 6.5.6 Symantec Mail Security 8.1.0 Symantec Messaging Gateway 9.5 Symantec Messaging Gateway 9.5.1 Symantec Messaging Gateway 9.5.2 Symantec Messaging Gateway 9.5.3 Symantec Messaging Gateway 9.5.4 Symantec Messaging Gateway 10.0	30
Application	Hp HP Autonomy Keyview Idol -	1

Nessus

NASL family	Web Servers
NASL id	DOMINO_8_5_3FP4.NASL
description	According to its banner, the version of Lotus Domino on the remote host is 8.5.x earlier than 8.5.3 FP4. It is, therefore, affected by the following vulnerabilities : - An error exists related to the
last seen	2020-06-01
modified	2020-06-02
plugin id	67192
published	2013-07-05
reporter	This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/67192
title	IBM Lotus Domino 8.5.x < 8.5.3 FP 4 Multiple Vulnerabilities
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(67192); script_version("1.3"); script_cvs_date("Date: 2019/11/27"); script_cve_id("CVE-2012-6277", "CVE-2013-0486", "CVE-2013-0487"); script_bugtraq_id(56610, 58646, 58652); script_xref(name:"CERT", value:"849841"); script_name(english:"IBM Lotus Domino 8.5.x < 8.5.3 FP 4 Multiple Vulnerabilities"); script_summary(english:"Checks version of Lotus Domino"); script_set_attribute(attribute:"synopsis", value: "The remote web server is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "According to its banner, the version of Lotus Domino on the remote host is 8.5.x earlier than 8.5.3 FP4. It is, therefore, affected by the following vulnerabilities : - An error exists related to the 'Autonomy KeyView' file parser that could allow arbitrary code execution. (CVE-2012-6277) - A memory leak error exists that could allow an attacker to crash the application. (CVE-2013-0486) - An error exists related to time-limited authentication credentials and the Java console that could allow an authenticated user to elevate privileges. (CVE-2013-0487)"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg27010592#ver853"); script_set_attribute(attribute:"see_also", value:"http://www-01.ibm.com/support/docview.wss?uid=swg21627597"); # https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_security_vulnerabilities_addressed_in_ibm_domino_ibm_domino_designer_9_0_cve_2013_0487_cve_2012_2161_cve_2012_2159_cve_2013_0486_cve_2012_6277_cve_2013_0488_cve_2013_04894?lang=en_us script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?a70209a1"); # http://www-10.lotus.com/ldd/fixlist.nsf/5c087391999d06e7852569280062619d/1ae049e892ad2e4a85257b65006e0455?OpenDocument script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?31a92d24"); # http://www-10.lotus.com/ldd/fixlist.nsf/5c087391999d06e7852569280062619d/0ed99b8fd6da4f5b85257b6600003fb6?OpenDocument script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c1992751"); # http://www-10.lotus.com/ldd/fixlist.nsf/5c087391999d06e7852569280062619d/230a515eac105bc285257b58000057ed?OpenDocument script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?c5330b7e"); script_set_attribute(attribute:"solution", value: "Upgrade to Lotus Domino 8.5.3 FP4 or later."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"cvss_score_source", value:"CVE-2013-0487"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2012/05/31"); script_set_attribute(attribute:"patch_publication_date", value:"2012/04/16"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/05"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/a:ibm:lotus_domino"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Web Servers"); script_copyright(english:"This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_dependencies("domino_installed.nasl", "http_version.nasl"); script_require_keys("Domino/Version"); script_require_ports("Services/www", 80); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); include("http.inc"); # Unless we're being paranoid, make sure a Domino web server is listening. if (report_paranoia < 2) { port = get_http_port(default:80); banner = get_http_banner(port:port); if (!banner) audit(AUDIT_NO_BANNER, port); if ("Domino" >!< banner) audit(AUDIT_NOT_LISTEN, "IBM Lotus Domino", port); } else port = 0; # Check the version of Domino installed. ver = get_kb_item_or_exit("Domino/Version"); # Check that version is granular enough if (ver == "8") exit(1, "The version "+ver+" on port "+port+" is not granular enough to make a determination."); # Check that version is 8.5.x if (ver !~ "^8\.5($\|[^0-9])") audit(AUDIT_NOT_LISTEN, "IBM Lotus Domino 8.5.x", port); # Affected 8.5.x < 8.5.3 FP4 if ( ver == "8.5" \|\| ver =~ "^8\.5 FP[0-9]" \|\| ver =~ "^8\.5\.[0-2]($\|[^0-9])" \|\| ver == "8.5.3" \|\| ver =~ "^8\.5\.3 FP[0-3]($\|[^0-0])" ) { if (report_verbosity > 0) { report = '\n' + '\n Installed version : ' + ver + '\n Fixed version : 8.5.3 FP4' + '\n'; security_hole(port:port, extra:report); } else security_hole(port); } else audit(AUDIT_LISTEN_NOT_VULN, "IBM Lotus Domino", port, ver);

Vulnerabilities > CVE-2012-6277 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2012-6277"}]}

Summary

Vulnerable Configurations

Nessus

References

Vulnerabilities > CVE-2012-6277