CVE-2012-2288

Published: Sep 4, 2012Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message.

Affected (3)

Products: Emc: Networker

Emc

1 product

Networker

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Emc Networker	Version 7.6.3
Emc Networker	Version 7.6.4
Emc Networker	Version 8.0

Related CWEs

CWE-134

Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

References (6)

http://archives.neohapsis.com/archives/bugtraq/2012-08/0219.html

Source: security_alert@emc.com

http://www.securityfocus.com/bid/55330

Source: security_alert@emc.com

http://www.securitytracker.com/id?1027459

Source: security_alert@emc.com

http://archives.neohapsis.com/archives/bugtraq/2012-08/0219.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/55330

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1027459

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.